Eggdev: [PATCH] CVE-2007-2807: stack-based buffer overflow

Nico Golde nion at debian.org
Wed Oct 17 12:34:24 CST 2007


Hi Will,
* Will Buckner <wcc at techmonkeys.org> [2007-10-17 20:14]:
> Extremely sorry for the late response. Your e-mail got caught up in our mailing 
> list approval queue :)

Heh, no problem :)

> Thanks for the patch; it has been committed (with slight 
> modifications) to CVS for Eggdrop 1.6.19.
> 
> The only modifications I made were to use some of our macros for 
> snprintf/strncpy (egg_snprintf() and strncpyz() respectively). We have a 
> compatibility layer for systems that don't support snprintf(), and we use 
> strncpyz() in most places to replace strncpy().

Ah ok, I was not aware of these issues but the patch should 
work too. Thanks for including it!
Kind regards
Nico
-- 
Nico Golde - http://ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <http://lists.eggheads.org/pipermail/eggdev/attachments/20071017/fe224582/attachment.bin>


More information about the Eggdev mailing list