| 1 | Revision history for Perl extension Convert::UUlib. |
1 | Revision history for Perl extension Convert::UUlib. |
| 2 | |
2 | |
|
|
3 | 1.6 Thu Oct 24 17:11:54 CEST 2019 |
|
|
4 | - fix heap overflow (testcase by Noel Duffy, reported |
|
|
5 | by Robert Scheck). The defense-in-depth mechanism based |
|
|
6 | on mmap should make this unexploitable for other than denial |
|
|
7 | of service, on systems supporting mmap/mprotect. |
|
|
8 | |
|
|
9 | 1.5 Sat Jul 11 03:56:06 CEST 2015 |
|
|
10 | - fix a heap overflow (testcase by Krzysztof WojtaĆ). |
|
|
11 | - on systems that support it (posix + mmap + map_anonymous), |
|
|
12 | allocate all dynamic areas via mmap and put four guard |
|
|
13 | pages around them, to catch similar heap overflows |
|
|
14 | safely in the future. |
|
|
15 | - find a safer way to pass in CC/CFLAGS to uulib. |
|
|
16 | - added stability canary support. |
|
|
17 | |
|
|
18 | 1.4 Sun May 29 17:17:01 CEST 2011 |
|
|
19 | - avoid a classical buffer overflow in case a progress |
|
|
20 | message is too long. |
|
|
21 | - this release adds dependencies for snprintf/vsnprintf. |
|
|
22 | - some uuencode encoders do not generate a final "space" line |
|
|
23 | before the "end" marker, so do not rely on the line to be there. |
|
|
24 | |
|
|
25 | 1.34 Tue Dec 14 22:20:00 CET 2010 |
| 3 | - fix a one-byte-past-end-write buffer overflow in UURepairData |
26 | - fix a one-byte-past-end-write buffer overflow in UURepairData |
| 4 | (reported, analysed and testcase provided by Marco Walther). |
27 | (reported, analysed and testcase provided by Marco Walther). |
| 5 | - quoted-printable decoding was completely broken, try a fix. |
28 | - quoted-printable decoding was completely broken, try a fix. |
| 6 | |
29 | |
| 7 | 1.33 Wed Oct 28 09:04:38 CET 2009 |
30 | 1.33 Wed Oct 28 09:04:38 CET 2009 |
| … | |
… | |
| 38 | |
61 | |
| 39 | 1.12 Mon Oct 13 14:11:01 CEST 2008 |
62 | 1.12 Mon Oct 13 14:11:01 CEST 2008 |
| 40 | - use the yencode filesize as additional matching criterium |
63 | - use the yencode filesize as additional matching criterium |
| 41 | to avoid false matches. |
64 | to avoid false matches. |
| 42 | - made the example decoder more verbose w.r.t. error handling. |
65 | - made the example decoder more verbose w.r.t. error handling. |
| 43 | - removed potentially confusing decide_temp calls from |
66 | - removed potentially confusing decode_temp calls from |
| 44 | example decoder. |
67 | example decoder. |
| 45 | |
68 | |
| 46 | 1.11 Fri Jun 13 15:32:30 CEST 2008 |
69 | 1.11 Fri Jun 13 15:32:30 CEST 2008 |
| 47 | - don't ask. |
70 | - don't ask. |
| 48 | |
71 | |
