Re: Movemail security issue (fix in SXEmacs?)

From:	Andrey Slusar <anrays@xxxxxxxxx>
Subject:	Re: Movemail security issue (fix in SXEmacs?)
Date:	Wed, 23 Feb 2005 08:17:01 +0200
Organization:	XEmacs User
User-agent:	Gnus/5.1006 (Gnus v5.10.6) XEmacs/21.5 (chives, i386--freebsd)

Wed, 23 Feb 2005 15:36:14 +1000, Steve Youngs wrote:

>   Johann>  
> http://bastard.youngs.au.com/pipermail/sxemacs-patches/2005-February/000165.html

>   > This is the CAN-2005-0100 vulnerability, right?

> Yep.

>   > In 21.4.17 and 21.5.19:

>   > 2005-01-29  Vin Shelton  <acs@xxxxxxxxxx>

>   >   * movemail.c (popmail): Pass error string as format parameter
>   >   instead of as part of format string. Security fixes for
>   >   CAN-2005-0100.

> Yes.  We have this change in SXEmacs.  Well, almost.  I just looked at
> it again and it would seem that I missed one hunk out of Vin's patch
> when I synched it across.  Oops. :-(

  Maybe you are created the new security fixed release. contained this
patch?

-- 
Regards,
Andrey.

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Movemail security issue (fix in SXEmacs?), Steve Youngs Re: Movemail security issue (fix in SXEmacs?), Andrey Slusar <= Re: Movemail security issue (fix in SXEmacs?), Steve Youngs

Previous by Date:	Re: Movemail security issue (fix in SXEmacs?), Steve Youngs
Next by Date:	The movemail security issue - myrk explains the issue, Johann 'Myrkraverk' Oskarsson
Previous by Thread:	Re: Movemail security issue (fix in SXEmacs?), Steve Youngs
Next by Thread:	Re: Movemail security issue (fix in SXEmacs?), Steve Youngs
Indexes:	[Date] [Thread] [Top] [All Lists]