Thomas Dickey <[EMAIL PROTECTED]> wrote: > --ReaqsoxgOBHFXBhH > Content-Type: text/plain; charset=iso-8859-1 > Content-Disposition: inline > Content-Transfer-Encoding: quoted-printable
> On Sat, Nov 12, 2005 at 10:10:08AM +0100, Martin Schulze wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >>=20 >> Format: 1.7 >> Date: Sat, 8 Oct 2005 09:23:11 +0200 >> Source: lynx >> Binary: lynx >> Architecture: source powerpc >> Version: 2.8.5-2sarge1 >> Distribution: stable-security >> Urgency: high >> Maintainer: Martin Schulze <[EMAIL PROTECTED]> >> Changed-By: Martin Schulze <[EMAIL PROTECTED]> >> Description:=20 >> lynx - Text-mode WWW Browser >> Changes:=20 >> lynx (2.8.5-2sarge1) stable-security; urgency=3Dhigh >> . >> * Non-maintainer upload by the Security Team >> * Applied patch by Ulf H=E4rnhammar to fix buffer overflow that can le= > ad >> to arbitrary code execution [WWW/Library/Implementation/HTMIME.c, >> CAN-2005-3120] > I wrote the patch. Ulf reported the problem. hmm - I was being too optimistic. Ulf's original patch, which I see in the diff's changes the behavior from a core dump to truncating the data (and giving the wrong result). I'd rather that the code work than simply replace one bug with another. -- Thomas E. Dickey http://invisible-island.net ftp://invisible-island.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
