From mboxrd@z Thu Jan  1 00:00:00 1970
Message-ID: <731e1695032a803f1469c6dc8af3cdec@vitanuova.com>
From: C H Forsyth <forsyth@vitanuova.com>
To: 9fans@cse.psu.edu
Subject: Re: SMTP+SPF (was: [9fans] Re: new release?)
In-Reply-To: <1077840504.5089.5.camel@rea>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Date: Fri, 27 Feb 2004 00:18:11 +0000
Topicbox-Message-UUID: fbda8074-eacc-11e9-9e20-41e7f4b1d025

by coincidence, tonight on another list's security alert:

>>libxml2 is a library for manipulating XML files.
>>Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.
>>When fetching a remote resource via FTP or HTTP, libxml2 uses special
>>parsing routines.  These routines can overflow a buffer if passed a very
>>long URL.  If an attacker is able to find an application using libxml2 that
>> ...