On 20.12.18 15:41, Kern Sibbald wrote: > I have also put the latest version of the Bacula libs3 source code into > > https://blog.bacula.org/downloads/libs3-20181010.tar.gz > > This source does not contain the latest patches that you mention below > to make it work with a newer libcurl and gcc.
Please be extremely careful with the fix-buffer-sizes.patch to request.c. I just know enough C to be dangerous and hastily threw those fixes together as a PoC, adapting 4f2db1eb from upstream as best as I could to the older codebase. The result is either broken or totally insecure, most probably both! You better throw away my version of the change and directly base your changes on upstream commit 4f2db1eb. Grüße, Sven.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Bacula-devel mailing list Bacula-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-devel
