Rev 39 | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 39 | Rev 40 | ||
|---|---|---|---|
| Line 4... | Line 4... | ||
| 4 | long sender addresses. Thanks to Hannah Schroeter. |
4 | long sender addresses. Thanks to Hannah Schroeter. |
| 5 | * 52_compile_bufoverflow.dpatch: Prevent buffer overflows in SPF_compile |
5 | * 52_compile_bufoverflow.dpatch: Prevent buffer overflows in SPF_compile |
| 6 | from mechanisms with huge domainspecs. Workaround suggested by |
6 | from mechanisms with huge domainspecs. Workaround suggested by |
| 7 | upstream. Limits the size of mechanisms and modifiers, but that |
7 | upstream. Limits the size of mechanisms and modifiers, but that |
| 8 | shouldn't be a problem in practice. |
8 | shouldn't be a problem in practice. |
| - | 9 | * 42_empty_sender.dpatch could previously cause segfaults by trying to |
|
| - | 10 | write to a constant string. Fixed. |
|
| 9 | 11 | ||
| 10 | -- Magnus Holmgren <holmgren@debian.org> Wed, 05 Nov 2008 10:34:13 +0100 |
12 | -- Magnus Holmgren <holmgren@debian.org> Wed, 05 Nov 2008 10:37:20 +0100 |
| 11 | 13 | ||
| 12 | libspf2 (1.2.5.dfsg-5+lenny1) testing-security; urgency=high |
14 | libspf2 (1.2.5.dfsg-5+lenny1) testing-security; urgency=high |
| 13 | 15 | ||
| 14 | * [CVE-2008-2469] 50_dns_resolv_bufoverflow.dpatch: Fix buffer overflows |
16 | * [CVE-2008-2469] 50_dns_resolv_bufoverflow.dpatch: Fix buffer overflows |
| 15 | in DNS response parsing. |
17 | in DNS response parsing. |