Rene Bernhardt found and fixed a buffer overrun in the NTLM code, where

libcurl always and unconditionally overwrote a stack-based array with 3 zero bytes. I edited the fix to make it less likely to occur again (and added a comment explaining the reason to the buffer size).
author: Daniel Stenberg <daniel@haxx.se> 2004-12-07 23:09:41 +0000
committer: Daniel Stenberg <daniel@haxx.se> 2004-12-07 23:09:41 +0000
commit: 80a324386b0d6653a19da6e3eeb28530e2478e5d (patch)
tree: 2197e3cf03a1b37b61f29bdb85afd70036889763 /RELEASE-NOTES
parent: 163518778c9d59256ab59dd7fb99d21f8a0e9ae7 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 79d741d01..503514aa0 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -25,6 +25,7 @@ This release includes the following changes:
 
 This release includes the following bugfixes:
 
+ o bad memory access in the NTLM code
  o EPSV on multi-homed servers now works correctly
  o chunked-encoded transfers could get closed pre-maturely without error
  o proxy CONNECT now default timeouts after 3600 seconds
@@ -61,6 +62,6 @@ advice from friends like these:
  Tomas Pospisek, Gisle Vanem, Dan Fandrich, Paul Nolan, Andres Garcia,
  Tim Sneddon, Ian Gulliver, Jean-Philippe Barrette-LaPierre, Jeff Phillips,
  Wojciech Zwiefka, David Phillips, Reinout van Schouwen, Maurice Barnum,
- Richard Atterer
+ Richard Atterer, Rene Bernhardt
 
         Thanks! (and sorry if I forgot to mention someone)
author	Daniel Stenberg <daniel@haxx.se>	2004-12-07 23:09:41 +0000
committer	Daniel Stenberg <daniel@haxx.se>	2004-12-07 23:09:41 +0000
commit	80a324386b0d6653a19da6e3eeb28530e2478e5d (patch)
tree	2197e3cf03a1b37b61f29bdb85afd70036889763 /RELEASE-NOTES
parent	163518778c9d59256ab59dd7fb99d21f8a0e9ae7 (diff)