Hylafax Developers Mailing List Archives

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

[hylafax-devel] Re: Security patches for hylafax-v4.0pl2



On Wed, 14 Jun 2000, John Holland wrote:

> I had a bit of time last weekend, so in the interest of patching the setuid 
> uucp buffer overflow in faxalter and getting the FreeBSD/OpenBSD port 
> current, I did a beginnings of a security audit on hylafax-v4.0pl2.  Below 
> are patches for various unbounded string copies in the source.
> 
Looks Good.

[snip]
> 
> What is the status of hylafax-v4.0pl2?  Is any work being done on it?  Is 
> another patch level forthcoming?  Or is the effort being targeted to 
> 4.1beta?  Would my time be better spent looking at the latter?

Your time is better spent on the 4.1 CVS code base.

Hoever, for the people still using 4.0pl2, I put together an 
unofficial pl3 patch a few weeks ago. Check the archives for
hylafax4.0beta024 (aka pl3)

> 
[big snip]


-- 
Tim Rice				Multitalents	(707) 874-1130
tim@trr.metro.net



____________________ HylaFAX(tm) Developers Mailing List ____________________
 To unsub: mail -s unsubscribe hylafax-devel-request@hylafax.org < /dev/null



Home
Report any problems to webmaster@hylafax.org

HylaFAX is a trademark of Silicon Graphics Corporation.
Internet connectivity for hylafax.org is provided by:
VirtuALL Private Host Services