|
|
libSPF format string vulnerability (will be CVE-2006-1520): msg#00014mail.spam.spf.devel
It has been brought to my attention by Karl Chen <quarl@xxxxxxxxxxxxxxx> that when DEBUGGING is enabled in libSPF there exists a format string vulnerability. Karl Chen submitted a patch to remedy this problem and it has been released as libSPF-1.0.0-p5 and is available for download from the libSPF.org website. If you don't have DEBUGGING enabled you are not at risk, however it is recommended that to avoid possible future problems that you upgrade to the latest version. CVS is currently offline whilst a machine is being upgrade and should be available again by weeks end. ZIP: http://libSPF.org/files/src/libspf-1.0.0-p5.zip GZIP: http://libSPF.org/files/src/libspf-1.0.0-p5.tar.gz BZIP2: http://libSPF.org/files/src/libspf-1.0.0-p5.tar.bz2 Cheers, James ------- To unsubscribe, change your address, or temporarily deactivate your subscription, please go to http://v2.listbox.com/member/?listname=spf-devel@xxxxxxxxxxxxxx |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | Final SPF specification = RFC 4408 has been released: 00014, Julian Mehnle |
|---|---|
| Next by Date: | Subversion repositories: 00014, Julian Mehnle |
| Previous by Thread: | Final SPF specification = RFC 4408 has been releasedi: 00014, Julian Mehnle |
| Next by Thread: | Subversion repositories: 00014, Julian Mehnle |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |