I am not so sure if this (not updating) is a good idea. Many of us swap
files with M$ using folks, so we need to be able to trust the .zip file
we are getting is a good one. Apple has also issued an advisory about
this vulnerability:
Apple Security Advisory APPLE-SA-2002-10-02 Stuffit Expander ZIP
archives containing files with large filenames can cause a buffer
overflow when expanded. Versions 6.5.2 and earlier of the Stuffit
Expander utility contain this vulnerability. Affected systems: Systems
that contain Stuffit Expander version 6.5.2 or earlier
Jerry
On Thursday, October 3, 2002, at 02:59 AM, Jesse Walker wrote:
> Too bad Stuffit Expander 7 is a total mess in its current incarnation.
> I suggest people stay at their current version until 7 is updated. May
> have had trouble expanding .bin, .hqx and other formats. I can't say I
> know anyone which would consider .bin and .hqx to be so rare as to not
> pose a problem for them.
>
> Jesse
>
> By the way, I'm new to the mailing list. I'm a 24 year old college
> student and freelance Mac technician/consultant in Louisville. I was
> pleases to see how active the mailing list is and to find some Mac
> cohorts locally.
>
>
> On Thursday, October 3, 2002, at 12:43 AM, Jerry Yeager wrote:
>
>> For those that have not heard, Alladin has announced that SuffIt
>> Expander users need to upgrade to version 7 as the earlier version are
>> vulnerable to a particular type Trojan horse attack.
>>
>> Jerry
>>
>>
>> The next meeting of the Louisville Computer Society will be October 22
>> For more information, see <http://www.aye.net/~lcs>. A calendar of
>> activities is at <http://www.calsnet.net/macusers>.
>>
>
>
> The next meeting of the Louisville Computer Society will be October 22
> For more information, see <http://www.aye.net/~lcs>. A calendar of
> activities is at <http://www.calsnet.net/macusers>.
>
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/enriched
Size: 2021 bytes
Desc: not available
Url :
http://www.math.louisville.edu/pipermail/macgroup/attachments/20021003/c2938e15/attachment.bin
