[EMAIL PROTECTED] said:
> Versions prior to 1.0.3 of the nmh package contained a vulnerability
> where incoming mail messages with carefully designed MIME headers
> could cause nmh's mhshow command to execute arbitrary shell code.
> This bug has been fixed in nmh 1.0.3 and we encourage you to upgrade
> immediately. The fixed package is available at
Hello Rudd & All,
This version of nmh 1.0.3 just compiles okay under
Linux RH-6.0 and HPUX-10.20. For the first one, I
tried gcc-2.95 first but got errors and I finally
build the package with /usr/bin/cc.
For HPUX-10.20, gcc-2.95 did it well but I always
notice a small hack needs to be done into file
<nmh-source>/zotnet/tws/lexstring.c to avoid scan
command from always dumping core :-(
1
2 /*
3 * lexstring.c
4 *
5 * $Id$
6 */
7
8 #define ONECASE 1
9
10 #include <stdio.h>
11 #include <ctype.h>
12
13 #define YYLERR yysvec
14 #define YYTYPE int
15 #define YYLMAX 256
16 #undef hpux <---- stuff added
17
18 struct yysvf {
19 #ifndef hpux
20 struct yywork *yystoff;
Please could you consider that fix for later versions.
Thanks again for your help and support. Best regards,
--
Emile_CARCAMO Intranet Internet
H.P. / Convex http://cvxfr.france.hp.com [EMAIL PROTECTED] ESTE 86
Soft. support [EMAIL PROTECTED] http://www.aeste.org
+----------------------------------------------------+
01-6982-6378 FAX | Your mouse has moved. Windows NT must be restarted |
01-6929-5013 PHONE | for the change to take effect. Reboot now? [ OK ] |
