Hylafax Developers Mailing List Archives
|
[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
[hylafax-devel] Re: Security patches for hylafax-v4.0pl2
On Wed, 14 Jun 2000, John Holland wrote:
> I had a bit of time last weekend, so in the interest of patching the setuid
> uucp buffer overflow in faxalter and getting the FreeBSD/OpenBSD port
> current, I did a beginnings of a security audit on hylafax-v4.0pl2. Below
> are patches for various unbounded string copies in the source.
>
Looks Good.
[snip]
>
> What is the status of hylafax-v4.0pl2? Is any work being done on it? Is
> another patch level forthcoming? Or is the effort being targeted to
> 4.1beta? Would my time be better spent looking at the latter?
Your time is better spent on the 4.1 CVS code base.
Hoever, for the people still using 4.0pl2, I put together an
unofficial pl3 patch a few weeks ago. Check the archives for
hylafax4.0beta024 (aka pl3)
>
[big snip]
--
Tim Rice Multitalents (707) 874-1130
tim@trr.metro.net
____________________ HylaFAX(tm) Developers Mailing List ____________________
To unsub: mail -s unsubscribe hylafax-devel-request@hylafax.org < /dev/null