In-Reply-To: <87r7irrzne.fsf@xxxxxxxxxxxxxxxxxx> Hi Two notes: - the format string security bug is now fixed in hashcash-1.17 - Hubert is correct that the bug was not in hashcash-1.13, it was introduced in hashcash 1.14 Cheers Adam >Just to note, version 1.13 of hashcash (incidentally, the version that's >in Debian testing) doesn't seem to be vulnerable, as it doesn't contain >the buggy line that Travis found. I'm not sure exactly when the bug was >introduced.
