diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2005-03-03 13:13:21 +0000 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2005-03-03 13:13:21 +0000 |
| commit | 861b5e608b1df43099c3e41d797f0ce06608fff6 (patch) | |
| tree | 7742992b94f76f93f01bce44e53b0b5ec3473721 /CHANGES | |
| parent | f61917594e6541f0ddb1a8d0f1bfcfb312eb4835 (diff) | |
mention buffer overflows fixed
Diffstat (limited to 'CHANGES')
| -rw-r--r-- | CHANGES | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -7,6 +7,14 @@ Changelog +Daniel (22 February 2005) +- NTLM and ftp-krb4 buffer overflow fixed, as reported here: + http://www.securityfocus.com/archive/1/391042 and the CAN report here: + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0490 + + If these security guys were serious, we'd been notified in advance and we + could've saved a few of you a little surprise, but now we weren't. + Daniel (19 February 2005) - Ralph Mitchell reported a flaw when you used a proxy with auth, and you requested data from a host and then followed a redirect to another |