On Sun, Apr 19, 2026 at 07:48:40AM +0800, Kevin J. McCarthy wrote:
On Sat, Apr 18, 2026 at 08:27:26PM +0200, Alejandro Colomar via Mutt-dev wrote:kevin/stable-security-06 Fix imap_auth_gss() security_level size.I think the commit message should also say something about the change from long to uint32_t. It's weird that it has been working, considering that long is usually 64-bits wide. Was it really working by pure accident?It's possible it isn't working at all. The branch only happened for passwords > 64 characters.
Err... sorry, it was early and I was getting my commits mixed up. :-D The comments seem to indicate the buf_size isn't actually important: /* we don't care about buffer size if we don't wrap content. But here it is */ [...] buf_size = htonl (buf_size); /* not relevant without integrity/privacy */ So I can only surmise that it was incorrect but neither side cared. -- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA
signature.asc
Description: PGP signature
