On Sun, Mar 10, 2002 at 07:02:29PM -0500, Eric S. Raymond wrote:
fetchmail-5.9.10 (Sun Mar 10 15:09:57 EST 2002), 21529 lines:
* Security fix: don't trust the message count passed back by the server.
While testing, we seem to have discovered a similar bug which allows a
malicious server to crash 5.9.10 on 64-bit boxes (or on systems where
sizeof(size_t) != sizeof(int), which is the case on the 64-bit boxes we
have here). I'm attaching our candidate patch. Comments?
Nalin
fetchmail-5.9.10-64bitfix.patch
Description: Text document