Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.
On Wed, 22 Jan 2003 11:54:34 +0100, "Koen" <no at ssppaamm.com> wrote: >Does anyone know if this is an issue for cvsnt or not? >And if it is fixed, from what version? > There's a fix in the pipeline (a proper fix that should stop it happening in the future, too). I'm a bit cheesed off that the news was deliberately kept quiet and nobody was told... apparently they knew about it a fortnight ago, and decided not to tell anyone. As it happens, I finally got the details from slashdot of all places. AFAIK it would be almost impossible to exploit this kind of thing anyway - there's a bit of overhyping going on somewhere (the risk is entirely theoretical - unlike buffer overruns which have been exploited in the past, there's no record of anyone ever making a double free do anything other than crash). Tony