Markus Wuebben writes:
> Is this known?
> A complete description of the problem can be found
> at http://www.inter7.com/vpopmail/exploit.html
Yes, it's known. The patch is still given using strlen(), though,
which drags in the C library and makes qmail-pop3d gratuitiously
bigger.
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com
Crynwr sells support for free software | PGPok | "Ask not what your country
521 Pleasant Valley Rd. | +1 315 268 1925 voice | can force other people to
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | do for you..." -Perry M.
