Date: Mon, 4 Jun 2001 15:25:03 +0400 From: "Nickolay A. Kritsky" <nkritsky@internethelp.ru> To: <security@FreeBSD.ORG> Subject: Re: FYI Message-ID: <056701c0ece9$0308d720$0600a8c0@ibmka.internethelp.ru>
next in thread | raw e-mail | index | archive | help
Does it mean, that popper supplied with FreeBSD 3.3 (/usr/local/libexec/popper) is vulnerable too? Best Regards NKritsky - SysAdmin InternetHelp.Ru http://www.internethelp.ru e-mail: nkritsky@internethelp.ru -----Original Message----- From: Brett Glass <brett@lariat.org> To: security@FreeBSD.ORG <security@FreeBSD.ORG> Date: 2 èþíÿ 2001 ã. 22:49 Subject: FYI >Date: Fri, 1 Jun 2001 23:28:20 -0700 >From: Qpopper Support <qpopper@qualcomm.com> >To: Qpopper Public List <qpopper@lists.pensive.org>, > qpopper-announce@rohan.qualcomm.com >Cc: qpopper@qualcomm.com >Subject: Qpopper 4.0.3 **** Fixes Buffer Overflow **** > >Qpopper 4.0.3 is available at ><ftp://ftp.qualcomm.com/eudora/servers/unix/popper/>. > > >**** 4.0.3 FIXES A BUFFER OVERFLOW PRESENT IN ALL VERSIONS OF 4.0 -- >PLEASE UPGRADE IMMEDIATELY *** > > >Changes from 4.0.2 to 4.0.3: >---------------------------- > 1. Don't call SSL_shutdown unless we tried to negotiate an > SSL session. (As suggested by Kenneth Porter.) > 2. Fix buffer overflow (reported by Gustavo Viscaino). > 3. Fixed empty password treated as empty command (patch > submitted by Michael Smith and others). > 4. Added patch by Carles Xavier Munyoz to fix erroneous > scanning for \n in getline(). > 5. Fix from Arvin Schnell for warnings on 64-bit systems. > 6. Added patch by Clifton Royston to change error message > for nonauthfile and authfile tests. > 7. Added 'uw-kludge' as synonym for 'uw-kluge'. > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?056701c0ece9$0308d720$0600a8c0>