[mew-dist 23519] zlib 1.1.4 vulnerability
Kazu Yamamoto ( 山本和彦 )
kazu at example.com
2003年 4月 1日 (火) 16:59:52 JST
Hello,
As you may know a security hole have been found in zlib 1.1.4:
http://www.securityfocus.com/bid/6913
Since bin/mewencode is linked with the zlib, I investigate this.
Because mewencode does NOT use gzprintf(), I believe mewencode is NOT
vulnerable.
Of course, upgrading of zlib is a good thing, anyway, though zlib
1.1.5 is not available at this moment.
--Kazu
Mew-dist メーリングリストの案内