--On Friday, December 06, 2002 1:27 AM +0100 Simon Josefsson
<[EMAIL PROTECTED]> wrote:
Any comment on why it took over a month to react to this reported
vulnerability?
Hi Simon,
You'll note that it has taken me almost a month to respond to your message.
This is mostly because I get very dist
On Tue, 3 Dec 2002, Rob Siemborski wrote:
> We'll be officially deprecating 1.x as of now (removal from the web
> and ftp sites except for the archives, etc).
If anyone on the list is running 1.6.25 still I'd be interested in
comparing fixes to this overflow bug in 1.6.25 code.
T.
Rob Siemborski <[EMAIL PROTECTED]> writes:
> On Tue, 3 Dec 2002, Nels Lindquist wrote:
>
>> On 3 Dec 2002 at 9:57, Steve Wright wrote:
>>
>> > The message below is forwarded from bugtraq.
>> > I've not seen any discussion of this, is an official fix available ?
>> > The "semi-exploit" shown does i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 3 Dec 2002, Nels Lindquist wrote:
> On 3 Dec 2002 at 9:57, Steve Wright wrote:
>
> > The message below is forwarded from bugtraq.
> > I've not seen any discussion of this, is an official fix available ?
> > The "semi-exploit" shown does indeed
On 3 Dec 2002 at 9:57, Steve Wright wrote:
> The message below is forwarded from bugtraq.
> I've not seen any discussion of this, is an official fix available ?
> The "semi-exploit" shown does indeed segfault imapd processes on my Debian
> (sid) boxes.
I'd imagine there should be patches for 1.6
Hello,
The message below is forwarded from bugtraq.
I've not seen any discussion of this, is an official fix available ?
The "semi-exploit" shown does indeed segfault imapd processes on my Debian
(sid) boxes.
Steve.
-- Forwarded Message --
Subject: pre-login buffer overflow