> > [ forwarding to lynx-dev - see also followup forwarded separately ] I believe dev.22 fixes the recent report; the "security officer" did not bother to verify this before sending his announcement. That's the "%s" in sprintf. It's been a while since I reviewed strcat/strcpy usage, but I don't think those apply (each time I do review them I find some that I didn't before - but you can do only so many before you don't see them properly ;-). -- Thomas E. Dickey [EMAIL PROTECTED] http://www.clark.net/pub/dickey
- lynx-dev lynx 2.8.x - 'special URLs' anti-spoofing ... Klaus Weide
- Re: lynx-dev lynx 2.8.x - 'special URLs' anti-... Philip Webb
- Re: lynx-dev lynx 2.8.x - 'special URLs' anti-... T.E.Dickey
- Re: lynx-dev lynx 2.8.x - 'special URLs' anti-... T.E.Dickey
- Re: lynx-dev lynx 2.8.x - 'special URLs' a... Philip Webb
- Re: lynx-dev lynx 2.8.x - 'special URLs' anti-... T.E.Dickey
- Re: lynx-dev lynx 2.8.x - 'special URLs' anti-... Henry Nelson
- Re: lynx-dev lynx 2.8.x - 'special URLs' a... Frederic L. W. Meunier
- Re: lynx-dev lynx 2.8.x - 'special URLs' anti-... T.E.Dickey
