On Wed, 27 May 2009, Bjoern Voigt wrote:
Anyway, I think, the bug should be fixed for the next release of UW Imap, Alpine etc. Who can do this? I can help with a patch and with some testing it this is helpful.
I fail to see why this is important. The fix is obvious and trival, but I don't see why it is worth wasting time.
You agree that this is not a security issue; by its nature getpass() is only usable in shell programs and the interactive prompt makes it unsuitable for scripts.
It does not affect Alpine. It only affects mtest (which has other issues and is only a sample program) and mailutil.
mailutil has a 1024 byte buffer. How many people have passwords that are that long? So the only crash will be if someone deliberately makes it crash, and to accomplish what purpose?
-- Mark -- http://panda.com/mrc Democracy is two wolves and a sheep deciding what to eat for lunch. Liberty is a well-armed sheep contesting the vote. _______________________________________________ Imap-uw mailing list Imap-uw@u.washington.edu http://mailman2.u.washington.edu/mailman/listinfo/imap-uw