[linux-delhi] (fwd) Qpopper 4.0.3 Fixes Buffer Overflow (fwd)

Raju Mathur Sat, 02 Jun 2001 11:22:32 -0700
[Qpopper 4.0.x where x < 3 has a buffer overflow.  If you use Qpopper
please upgrade, from source or as soon as your distribution vendor
releases a package for 4.0.3 -- Raju]

This is an RFC 1153 digest.
(1 message)
----------------------------------------------------------------------

Return-Path: <[EMAIL PROTECTED]>
Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:[EMAIL PROTECTED]>
List-Help: <mailto:[EMAIL PROTECTED]>
List-Unsubscribe: <mailto:[EMAIL PROTECTED]>
List-Subscribe: <mailto:[EMAIL PROTECTED]>
Delivered-To: mailing list [EMAIL PROTECTED]
Delivered-To: moderator for [EMAIL PROTECTED]
Received: (qmail 29768 invoked from network); 2 Jun 2001 15:38:37 -0000
Message-ID: <[EMAIL PROTECTED]>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
From: Michael Brennen <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: Qpopper 4.0.3 **** Fixes Buffer Overflow **** (fwd)
Date: Sat, 2 Jun 2001 10:37:44 -0500 (CDT)


Forwarded from the qpopper list.

---------- Forwarded message ----------
Date: Fri, 1 Jun 2001 23:28:20 -0700
From: Qpopper Support <[EMAIL PROTECTED]>
To: Qpopper Public List <[EMAIL PROTECTED]>,
     [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Qpopper 4.0.3 **** Fixes Buffer Overflow ****

Qpopper 4.0.3 is available at
<ftp://ftp.qualcomm.com/eudora/servers/unix/popper/>.


**** 4.0.3 FIXES A BUFFER OVERFLOW PRESENT IN ALL VERSIONS OF 4.0 --
PLEASE UPGRADE IMMEDIATELY ***


Changes from 4.0.2 to 4.0.3:
----------------------------
  1.  Don't call SSL_shutdown unless we tried to negotiate an
      SSL session.  (As suggested by Kenneth Porter.)
  2.  Fix buffer overflow  (reported by Gustavo Viscaino).
  3.  Fixed empty password treated as empty command (patch
      submitted by Michael Smith and others).
  4.  Added patch by Carles Xavier Munyoz to fix erroneous
      scanning for \n in getline().
  5.  Fix from Arvin Schnell for warnings on 64-bit systems.
  6.  Added patch by Clifton Royston to change error message
      for nonauthfile and authfile tests.
  7.  Added 'uw-kludge' as synonym for 'uw-kluge'.

------------------------------

End of this Digest
******************

-- 
Raju Mathur          [EMAIL PROTECTED]           http://kandalaya.org/

------------------------------------------------
An alpha version of a web based tool to manage
your subscription with this mailing list is at
http://lists.linux-india.org/cgi-bin/mj_wwwusr
[linux-delhi] (fwd) Qpopper 4.0.3 **** Fixes Buffer Overflow **** (fwd)

Reply via email to

[linux-delhi] (fwd) Qpopper 4.0.3 Fixes Buffer Overflow (fwd)
