On Thu, Jun 11, 2009 at 6:03 AM, Mikko Ruohola <email address hidden>wrote:
> Does this affect Jaunty? It seems that Jaunty has a new libc-client package
> that should work.(According to debian testing branch changelog)
> We could use this package in hardy also, if it fixes this potential
> security problem.
>
Jaunty is no better. I even recompiled php-imap and the latest libc-client
from UW and the problem still exists.
In fact, after watching UW IMAP compile I decided to never use it again in
favor of a native code PHP IMAP client (Zend_Mail). There must be thousands
of incorrectly cast variables in the UW code. The warnings coming out of
GCC make me suspect there are a lot of undiscovered security problems.
On Thu, Jun 11, 2009 at 6:03 AM, Mikko Ruohola <email address hidden>wrote:
> Does this affect Jaunty? It seems that Jaunty has a new libc-client package
> that should work.(According to debian testing branch changelog)
> We could use this package in hardy also, if it fixes this potential
> security problem.
>
Jaunty is no better. I even recompiled php-imap and the latest libc-client
from UW and the problem still exists.
In fact, after watching UW IMAP compile I decided to never use it again in
favor of a native code PHP IMAP client (Zend_Mail). There must be thousands
of incorrectly cast variables in the UW code. The warnings coming out of
GCC make me suspect there are a lot of undiscovered security problems.
-- webaugur. com/
David L Norris
http://