From owner-cvs-all  Wed May 24 13: 6:30 2000
Delivered-To: cvs-all@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
	by hub.freebsd.org (Postfix) with ESMTP
	id E048A37BC52; Wed, 24 May 2000 13:06:26 -0700 (PDT)
	(envelope-from kris@FreeBSD.org)
Received: from localhost (kris@localhost)
	by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id NAA06616;
	Wed, 24 May 2000 13:06:21 -0700 (PDT)
	(envelope-from kris@FreeBSD.org)
X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs
Date: Wed, 24 May 2000 13:06:15 -0700 (PDT)
From: Kris Kennaway <kris@FreeBSD.org>
To: "Chris D. Faulhaber" <jedgar@fxp.org>
Cc: "Andrey A. Chernov" <ache@freebsd.org>,
	cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: ports/mail/popper Makefile
In-Reply-To: <Pine.BSF.4.10.10005241600540.62709-100000@pawn.primelocation.net>
Message-ID: <Pine.BSF.4.21.0005241305060.6274-100000@freefall.freebsd.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, 24 May 2000, Chris D. Faulhaber wrote:

> > What overflow you mean exactly? Most recent overflows are in Qpopper 3 we 
> > don't have.
> > 
> 
> Date: Tue, 23 May 2000 09:43:33 -800
> From: Prizm <prizm@RESENTMENT.ORG>
> To: BUGTRAQ@SECURITYFOCUS.COM
> Subject: Qpopper 2.53 remote problem,
>                   user can gain [iso-8859-1] gid=mail

This advisory includes a simple patch which I was going to evaluate
tonight..if it works as advertised I'll remove the FORBIDDEN tag once I
commit it.

Kris

----
In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe <forsythe@alum.mit.edu>



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message