On 04/22/2011 12:34 AM, Stephen R. van den Berg wrote:
It would be helpful if the subsequent LOGIN wouldn't segfault, and would
simply return a temporary error, or would wait for a few moments, then retry.
This bug opens up a small window of opportunity to crash any aox
server right after a user has been added (if one knows which user).
Yes, but that would open the door to another attack, I'm afraid.
The MailboxReader class and its associated RAM tree have to go, and be
replaced with database work wherever mailboxes are used.
Arnt
