Comment 3 for bug 383751
Revision history for this message
| David L Norris (webaugur) wrote Re: [Bug 383751] Re: uw-imap client segfaults | #3 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
On Thu, Jun 11, 2009 at 6:03 AM, Mikko Ruohola <email address hidden>wrote:
> Does this affect Jaunty? It seems that Jaunty has a new libc-client package
> that should work.(According to debian testing branch changelog)
> We could use this package in hardy also, if it fixes this potential
> security problem.
>
Jaunty is no better. I even recompiled php-imap and the latest libc-client
from UW and the problem still exists.
In fact, after watching UW IMAP compile I decided to never use it again in
favor of a native code PHP IMAP client (Zend_Mail). There must be thousands
of incorrectly cast variables in the UW code. The warnings coming out of
GCC make me suspect there are a lot of undiscovered security problems.
--
David L Norris
http://