[prev][next][list][thread]

sylpheed:24429

From: Hiroyuki Yamamoto <hiro-y@xxxxxxxxxx>
Date: Thu, 24 Mar 2005 18:31:40 +0900
Subject: [sylpheed:24429] [SECURITY] Sylpheed 1.0.4 (stable) released

Hello,

I've made an urgent release of 1.0.4, since a buffer overflow bug,
similar to the one which was fixed at 1.0.3, was found in another part.

This vulnerability exists in the version from 0.8.0 to 1.0.3, and from
1.9.0 to 1.9.4, so be sure to upgrade. 1.9.5 and 1.9.6 don't have the
problem.

Also, the previously found vulnerability exists in from 0.8.0 to 1.0.2,
and from 1.9.0 to 1.9.4, and it doesn't exist in the version before
0.8.0.

Changes:

    * A buffer overflow which occurred when displaying a message with
      attachments which have MIME-encoded filenames was fixed.
    * A possible crash on re-edit of messages was fixed.

-- 
Hiroyuki Yamamoto <hiro-y@xxxxxxxxxx>

Attachment

[prev][next][list][thread]