nightmaremail

commit bf692cf45ec6d679ba194f80862f17db4c415eb4
parent a385b5e9b2fb8f84c48a14d49452918ad2f3fa45
Author: Amitai Schleier <schmonz-web-git@schmonz.com>
Date:   Wed, 20 May 2020 14:40:38 +0200

Note CVE and other overflow fixes in CHANGES.

Diffstat:
M CHANGES | 7 +++++++
1 file changed, 7 insertions(+), 0 deletions(-)

diff --git a/CHANGES b/CHANGES @@ -1,4 +1,11 @@ 20200520 version: notqmail 1.08. +20200519 bug: fix several other places where variables could overflow. +20200519 security: fix signedness wraparound in substdio_{put,bput}(). + (CVE-2005-1515) +20200519 security: fix possible signed integer overflow in commands(). + (CVE-2005-1514) +20200519 security: fix integer overflow in stralloc_readyplus(). + (CVE-2005-1513) 20200514 bug: qmail-pop3d runs as root if root authenticates. impact: vector for dictionary attack on root password. fix: exit 1, same as a failed checkpassword login.
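
Review bot: The first added line, "bug: fix several other places where variables could overflow.", does not name the functions or programs that were touched, and the three "security:" entries that follow give only the function name and CVE id, while the existing 20200514 entry right after them carries "impact:" and "fix:" lines. Suggest giving each security entry an "impact:" line in the same form and listing the affected functions in the bug entry, so that someone reading CHANGES to decide whether to upgrade can tell what was exposed without going to the commit history.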