[VIM] Vendor ACK for iodine buffer overflow
security curmudgeon
jericho at attrition.org
Sat Nov 11 04:27:40 EST 2006
: http://code.kryo.se/iodine/CHANGELOG.txt
:
: 2006-11-05: 0.3.3
: - Fixed possible buffer overflow
: (Found by poplix)
Not so fast!
CHANGES:
2006-11-08: 0.3.4
- Fixed handshake() buffer overflow
(Found by poplix, Secunia: SA22674 / FrSIRT/ADV-2006-4333)
This seems to address CVE-2006-5781 which is from BUGTRAQ:20061102 iodine
client 0.3.2 buffer overflow. The 0.3.3 fix is for a different overflow it
seems.
More information about the VIM
mailing list