Cyrus SASL 2.1.23 Released

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I'd like to announce the release of Cyrus SASL 2.1.23 on 
ftp.andrew.cmu.edu.  This version includes a fix for a potential buffer 
overflow in sasl_encode64() (see http://www.kb.cert.org/vuls/id/238019), 
otherwise it is identical to 2.1.22.  Please note that while this fixes 
vulnerable code, non-vulnerable code may break if the buffer passed to 
sasl_encode64() is the exact size of the encoded data and doesn't 
include space for the trailing NUL.

Please send any feedback either to cyrus-sasl@xxxxxxxxxxxxxxxxxxxx
(public list) or to cyrus-bugs@xxxxxxxxxxxxxxx

Download at:
ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gz

-- 
Kenneth Murchison
Systems Programmer
Carnegie Mellon University
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux