Bugtraq mailing list archives
Re: [ GLSA 200503-12 ] Hashcash: Format string vulnerability
From: Adam Back <adam () cypherspace org>
Date: 7 Apr 2005 05:19:30 -0000
In-Reply-To: <87r7irrzne.fsf () evinrude uhoreg ca> Hi Two notes: - the format string security bug is now fixed in hashcash-1.17 - Hubert is correct that the bug was not in hashcash-1.13, it was introduced in hashcash 1.14 Cheers Adam
Just to note, version 1.13 of hashcash (incidentally, the version that's in Debian testing) doesn't seem to be vulnerable, as it doesn't contain the buggy line that Travis found. I'm not sure exactly when the bug was introduced.
Current thread:
- Re: [ GLSA 200503-12 ] Hashcash: Format string vulnerability Adam Back (Apr 07)