On 4/24/06, Archaic <[EMAIL PROTECTED]> wrote: > > Does this new sasl version fix the vulnerability with digest-md5?
This was just checked in. Does it ring a bell? Should I port it back to 2.1.21? https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.178&r2=1.179 Log entry is "Prevent buffer overrun when DIGEST-MD5 plugin receives a packet shorter than 16 bytes." -- Dan -- http://linuxfromscratch.org/mailman/listinfo/blfs-book FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
