[INN-COMMITTERS] STABLE-2_2 inn/innd (art.c)

Russ Allbery rra at stanford.edu
Tue Jun 6 19:58:29 UTC 2000


    Date: Tuesday, June 6, 2000 @ 12:58:29
  Author: rra
     Tag: STABLE-2_2

Update of /dist1/cvs/isc/inn/inn/innd
     from pub3.rc.vix.com:/tmp/cvs-serv26723

Modified: art.c

SECURITY: Possible buffer overflow in the log message for a mismatch
between the addresses of a cancel and the original message if
verifycancels is enabled in inn.conf.  Use MaxLength to cap the length
of the logged message ID on verifycancels, cap the length of filter
message returns at 200 characters out of paranoia, and use MaxLength
to cap the length of a newsgroup one isn't allowed to post to (paranoia).




More information about the inn-committers mailing list