> Patch extracted from difference between upstream versions 6.0 and
> 6.1, modified to patch version 4.5. Patch is attached.
While the issue corresponding to your patch should be fixed as well,
this is not the patch for CAN-2005-2491. The securitytracker page
states that 6.1 and prior versions are vulnerable. One needs to look
at the differences between 6.1 and 6.2. The relevant changes are a
bit larger.
Hi,
> Patch extracted from difference between upstream versions 6.0 and
> 6.1, modified to patch version 4.5. Patch is attached.
While the issue corresponding to your patch should be fixed as well,
this is not the patch for CAN-2005-2491. The securitytracker page
states that 6.1 and prior versions are vulnerable. One needs to look
at the differences between 6.1 and 6.2. The relevant changes are a
bit larger.
Cheers,
Stefan