On Fri, Feb 08, 2002 at 09:08:26AM -0600, Jon Keating wrote: > This crash occurred when a static buffer of 1024 bytes overflowed. This > is fixed in the latest version of licq in the CVS and should be in the > next CVS daily snapshot. The CVS copy of licq uses the new v8 protocol > (otherwise known as OSCAR) while the latest release does not. If for some > reason you do not want to use the CVS copy, use the attached patch, and > when prompted for file to patch enter the full path to icqd-chat.cpp (i.e. > /home/user/licq/src/icqd-chat.cpp)
The current (old) stable release of Debian contains a package for licq 0.76. >From a quick examination of the source and patch, it does not look like this particular issue could affect that version, since the feature being patched does not appear to exist, but I would appreciate confirmation from you. Can you comment on the possibility of a similar problem in 0.76, or any other security issues? -- - mdz _______________________________________________ Licq-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/licq-devel
