It has been brought to my attention by Karl Chen <quarl@cs.berkeley.edu> that
when DEBUGGING is enabled in libSPF there exists a format string vulnerability.
Karl Chen submitted a patch to remedy this problem and it has been released
as libSPF-1.0.0-p5 and is available for download from the libSPF.org website.
If you don't have DEBUGGING enabled you are not at risk, however it is
recommended that to avoid possible future problems that you upgrade to the
latest version.
CVS is currently offline whilst a machine is being upgrade and should be
available again by weeks end.
ZIP: http://libSPF.org/files/src/libspf-1.0.0-p5.zip
GZIP: http://libSPF.org/files/src/libspf-1.0.0-p5.tar.gz
BZIP2: http://libSPF.org/files/src/libspf-1.0.0-p5.tar.bz2
Cheers,
James
-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com
when DEBUGGING is enabled in libSPF there exists a format string vulnerability.
Karl Chen submitted a patch to remedy this problem and it has been released
as libSPF-1.0.0-p5 and is available for download from the libSPF.org website.
If you don't have DEBUGGING enabled you are not at risk, however it is
recommended that to avoid possible future problems that you upgrade to the
latest version.
CVS is currently offline whilst a machine is being upgrade and should be
available again by weeks end.
ZIP: http://libSPF.org/files/src/libspf-1.0.0-p5.zip
GZIP: http://libSPF.org/files/src/libspf-1.0.0-p5.tar.gz
BZIP2: http://libSPF.org/files/src/libspf-1.0.0-p5.tar.bz2
Cheers,
James
-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com