[Cabal] [Fwd: xmlnode memory leak patch]
Ethan Blanton
elb at psg.com
Sun Dec 31 13:41:07 EST 2006
Luke Schierer spake unto us the following wisdom:
> Does this have security implications that it is not being discussed on
> -devel?
Yes. Malformed XML sent on Jabber, Bonjour, or UPnP can cause us to
leak an arbitrary (chosen by the "attacker") amount of memory.
Ethan
--
The laws that forbid the carrying of arms are laws [that have no remedy
for evils]. They disarm only those who are neither inclined nor
determined to commit crimes.
-- Cesare Beccaria, "On Crimes and Punishments", 1764
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://pidgin.im/cgi-bin/mailman/private/cabal/attachments/20061231/db7bde47/attachment.pgp
More information about the Cabal
mailing list