Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#47498 - [openvpn] out-of-bounds read in openvpn < 2.3.9
Attached to Project:
Arch Linux
Opened by Remi Gacogne (rgacogne) - Tuesday, 22 December 2015, 20:05 GMT
Last edited by Sébastien Luttringer (seblu) - Monday, 28 December 2015, 12:41 GMT
Opened by Remi Gacogne (rgacogne) - Tuesday, 22 December 2015, 20:05 GMT
Last edited by Sébastien Luttringer (seblu) - Monday, 28 December 2015, 12:41 GMT
|
DetailsHello,
An out-of-bounds read has been found [1] in OpenVPN < 2.3.9, and fixed in 2.3.9. This is not clear whether it's actually exploitable, I will update this issue as soon as I know more. [1]: https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html |
This task depends upon
Closed by Sébastien Luttringer (seblu)
Monday, 28 December 2015, 12:41 GMT
Reason for closing: Fixed
Monday, 28 December 2015, 12:41 GMT
Reason for closing: Fixed
Note: I removed the systemd askpass patch because it does not merge. The commit 62ba55a claims to fix it properly.