> -----Original Message-----
> From: Neil Conway [mailto:[EMAIL PROTECTED]]
> Sent: Monday, August 19, 2002 10:48 PM
> To: Dann Corbit
> Cc: Neil Conway; Mark Pritchard; Justin Clift; Tom Lane;
> Christopher Kings-Lynne; [EMAIL PROTECTED]
> Subject: Re: [HACKERS] @(#) Mordred Labs advisory 0x0001:
> Buffer overflow in
>
>
> "Dann Corbit" <[EMAIL PROTECTED]> writes:
> > I read (in some other message) that this buffer overrun problem has
> > been known for a very, very long time.
>
> No, the problem you're referring to (cash_out() and friends)
> is *not* a buffer overrun.
I did miss the one message that said it was not a buffer overrun (I just
got back from vacation, sorry).
However, if it *can* crash the server, that sounds pretty important to
me. Another message in this thread seemed to indicate that security was
not a major focus (lagging behind adding new features). I do hope that
is not true.
---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])
