Attention is currently required from: plaisthos, syzzer. MaxF has posted comments on this change by MaxF. ( http://gerrit.openvpn.net/c/openvpn/+/1549?usp=email )
Change subject: Avoid unbounded allocations in pkcs11_mbedtls.c ...................................................................... Patch Set 1: (2 comments) Patchset: PS1: I don't understand why the tests are failing. Some of them don't even use mbedtls. Can someone else take a look? PS1: > The change itself looks good. And might even be good practice. […] You're right, that's why this is not a CVE. I discussed it with Gert in the private-issues repo and we agreed to label it as "minibug". We can't protect against a malicious pkcs11 provider, but maybe we can be more robust against a buggy one. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1549?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings?usp=email Gerrit-MessageType: comment Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I53d47e4a0d33c380ee95e0e33aecad3db3197940 Gerrit-Change-Number: 1549 Gerrit-PatchSet: 1 Gerrit-Owner: MaxF <[email protected]> Gerrit-Reviewer: plaisthos <[email protected]> Gerrit-CC: openvpn-devel <[email protected]> Gerrit-CC: syzzer <[email protected]> Gerrit-Attention: syzzer <[email protected]> Gerrit-Attention: plaisthos <[email protected]> Gerrit-Comment-Date: Sun, 22 Feb 2026 22:14:40 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: syzzer <[email protected]>
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
