On Tue, Mar 11, 2003 at 07:05:51PM -0800, Randall Gellens wrote:
> The first I heard of the problem was this morning. Was any notice
> sent to qpopper-bugs_at_qualcomm.com or qpopper-patches_at_qualcomm.com in
> advance of the posting here? If so, please let me know the details
> so I can see what happened to the message. If not, I'd like to know
> why.
The cause for this bug is already identified and the fix is really
simple, I didn't see a reason to delay the post. It wasn't my intention
to cause you trouble, if I did so, I'm sorry. I had bad experience
informing vendors in the past, so I skipped that in this case.
For example, some time ago I reported the (non-exploitable) bug in
pop_msg.c, line 254f.:
free(local_element.mdef_macro); /* From strdup */
return pop_msg(p, POP_SUCCESS, HERE, "Macro \"%s\" accepted",
local_element.mdef_macro);
and I didn't get a reply. Perhaps you want to fix this flaw too, in fc2.
regards,
Florian Heinz
Received on Mar 12 2003
Intro
