1 | Revision history for Perl extension Convert::UUlib. |
1 | Revision history for Perl extension Convert::UUlib. |
2 | |
2 | |
|
|
3 | - lint uulib: fix some format string type mismatches |
|
|
4 | and some other minor issues. |
|
|
5 | |
|
|
6 | 1.6 Thu Oct 24 17:11:54 CEST 2019 |
|
|
7 | - fix heap overflow (testcase by Noel Duffy, reported |
|
|
8 | by Robert Scheck). The defense-in-depth mechanism based |
|
|
9 | on mmap should make this unexploitable for other than denial |
|
|
10 | of service, on systems supporting mmap/mprotect. |
|
|
11 | |
|
|
12 | 1.5 Sat Jul 11 03:56:06 CEST 2015 |
|
|
13 | - fix a heap overflow (testcase by Krzysztof WojtaĆ). |
|
|
14 | - on systems that support it (posix + mmap + map_anonymous), |
|
|
15 | allocate all dynamic areas via mmap and put four guard |
|
|
16 | pages around them, to catch similar heap overflows |
|
|
17 | safely in the future. |
|
|
18 | - find a safer way to pass in CC/CFLAGS to uulib. |
|
|
19 | - added stability canary support. |
|
|
20 | |
|
|
21 | 1.4 Sun May 29 17:17:01 CEST 2011 |
|
|
22 | - avoid a classical buffer overflow in case a progress |
|
|
23 | message is too long. |
|
|
24 | - this release adds dependencies for snprintf/vsnprintf. |
|
|
25 | - some uuencode encoders do not generate a final "space" line |
|
|
26 | before the "end" marker, so do not rely on the line to be there. |
|
|
27 | |
|
|
28 | 1.34 Tue Dec 14 22:20:00 CET 2010 |
3 | - fix a one-byte-past-end-write buffer overflow in UURepairData |
29 | - fix a one-byte-past-end-write buffer overflow in UURepairData |
4 | (reported, analysed and testcase provided by Marco Walther). |
30 | (reported, analysed and testcase provided by Marco Walther). |
5 | - quoted-printable decoding was completely broken, try a fix. |
31 | - quoted-printable decoding was completely broken, try a fix. |
6 | |
32 | |
7 | 1.33 Wed Oct 28 09:04:38 CET 2009 |
33 | 1.33 Wed Oct 28 09:04:38 CET 2009 |
… | |
… | |
38 | |
64 | |
39 | 1.12 Mon Oct 13 14:11:01 CEST 2008 |
65 | 1.12 Mon Oct 13 14:11:01 CEST 2008 |
40 | - use the yencode filesize as additional matching criterium |
66 | - use the yencode filesize as additional matching criterium |
41 | to avoid false matches. |
67 | to avoid false matches. |
42 | - made the example decoder more verbose w.r.t. error handling. |
68 | - made the example decoder more verbose w.r.t. error handling. |
43 | - removed potentially confusing decide_temp calls from |
69 | - removed potentially confusing decode_temp calls from |
44 | example decoder. |
70 | example decoder. |
45 | |
71 | |
46 | 1.11 Fri Jun 13 15:32:30 CEST 2008 |
72 | 1.11 Fri Jun 13 15:32:30 CEST 2008 |
47 | - don't ask. |
73 | - don't ask. |
48 | |
74 | |