I have updated my unofficial unofficial pine packages in response to some security problems which have recently been discovered with pine.
A buffer overflow exists in the way unpatched versions of Pine prior to 4.57 handle the 'message/external-body' type. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2003-0720 to this issue. An integer overflow exists in the Pine MIME header parsing in versions prior to 4.57. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2003-0721 to this issue. Both of these flaws could be exploited by a remote attacker sending a carefully crafted email to the victim that will execute arbitrary code when the email is opened using Pine. You can find instructions for downloading my packages at http://www.braincells.com/open/ If you are using an earlier version please upgrade ASAP. One change I had to make in this version was to use the internal static c-client lib instead of the Debian package. I don't think it will make any difference but if you notice any weird problems, please let me know. -- Jaldhar H. Vyas <[EMAIL PROTECTED]> La Salle Debain - http://www.braincells.com/debian/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]