Bugtraq mailing list archives
Qpopper 4.0.3 **** Fixes Buffer Overflow **** (fwd)
From: Michael Brennen <mbrennen () fni com>
Date: Sat, 2 Jun 2001 10:37:44 -0500 (CDT)
Forwarded from the qpopper list. ---------- Forwarded message ---------- Date: Fri, 1 Jun 2001 23:28:20 -0700 From: Qpopper Support <qpopper () qualcomm com> To: Qpopper Public List <qpopper () lists pensive org>, qpopper-announce () rohan qualcomm com Cc: qpopper () qualcomm com Subject: Qpopper 4.0.3 **** Fixes Buffer Overflow **** Qpopper 4.0.3 is available at <ftp://ftp.qualcomm.com/eudora/servers/unix/popper/>. **** 4.0.3 FIXES A BUFFER OVERFLOW PRESENT IN ALL VERSIONS OF 4.0 -- PLEASE UPGRADE IMMEDIATELY *** Changes from 4.0.2 to 4.0.3: ---------------------------- 1. Don't call SSL_shutdown unless we tried to negotiate an SSL session. (As suggested by Kenneth Porter.) 2. Fix buffer overflow (reported by Gustavo Viscaino). 3. Fixed empty password treated as empty command (patch submitted by Michael Smith and others). 4. Added patch by Carles Xavier Munyoz to fix erroneous scanning for \n in getline(). 5. Fix from Arvin Schnell for warnings on 64-bit systems. 6. Added patch by Clifton Royston to change error message for nonauthfile and authfile tests. 7. Added 'uw-kludge' as synonym for 'uw-kluge'.
Current thread:
- Qpopper 4.0.3 **** Fixes Buffer Overflow **** (fwd) Michael Brennen (Jun 02)
- Re: Qpopper 4.0.3 **** Fixes Buffer Overflow **** (fwd) Roman Drahtmueller (Jun 05)
- Re: Qpopper 4.0.3 **** Fixes Buffer Overflow **** (fwd) Renaud Deraison (Jun 05)
- Re: Qpopper 4.0.3 **** Fixes Buffer Overflow **** (fwd) Florian Weimer (Jun 05)
- Re: Qpopper 4.0.3 **** Fixes Buffer Overflow **** (fwd) William D. Colburn (aka Schlake) (Jun 05)
- Re: Qpopper 4.0.3 **** Fixes Buffer Overflow **** (fwd) Roman Drahtmueller (Jun 05)