[INN-COMMITTERS] STABLE-2_3 inn/innd (art.c)

Russ Allbery rra at stanford.edu
Tue Jun 6 19:59:34 UTC 2000

    Date: Tuesday, June 6, 2000 @ 12:59:34
  Author: rra
     Tag: STABLE-2_3

Update of /dist1/cvs/isc/inn/inn/innd
     from pub3.rc.vix.com:/tmp/cvs-serv26857

Modified: art.c

SECURITY: Possible buffer overflow in the log message for a mismatch
between the addresses of a cancel and the original message if
verifycancels is enabled in inn.conf.  Use MaxLength to cap the length
of the logged message ID on verifycancels, cap the length of filter
message returns at 200 characters out of paranoia, and use MaxLength
to cap the length of a newsgroup one isn't allowed to post to (paranoia).

More information about the inn-committers mailing list