Path to this page:
Subject: CVS commit: pkgsrc/chat/silc-client
From: Tonnerre Lombard
Date: 2009-08-02 21:18:40
Message id: 20090802191840.65B7C175D0@cvs.netbsd.org
Log Message:
Update silc-client to version 1.1.8 to fix a security problem.
Changes:
- Portability: Check threads support in OpenBSD.
- Security: Fixed string format vulnerability in client entry handling.
- Autoconf upgrade.
- PacketEngine: Don't free underlaying stream in packet stream create error
- If packet stream creation failed it freed the stream given as argument.
This is wrong. It is the caller's responsibility to free it if the
packet stream creation failed.
- SKE: When failure is received mark SKE always failed
Mark the SKE failed even if we don't receive error from remote. Fixes
crash where the callback is called back to application without valid
key material and without error status.
Files: