wiki:barnowl-1.0.5-announce

Version 1 (modified by nelhage@MIT.EDU, 15 years ago) (diff)

--

The BarnOwl 1.0.5 release announcement:

From: Nelson Elhage <nelhage@mit.edu>
To: barnowl-users@mit.edu
Subject: BarnOwl 1.0.5 released, fixes multiple security problems (CVE-2009-0363)

We have just released BarnOwl 1.0.5 to our website, into our locker
for all supported Athena platforms, and into the Debathena apt
repository. We strongly recommend all users upgrade immediately.

BarnOwl 1.0.5 fixes CVE-2009-0363, including several vectors for
potential remote code execution, including from crafted 'zcrypt'
message, or in response to a 'reply' command on messages with certain
Zephyr Cc: lists.

- Nelson Elhage
for the BarnOwl team

[1] http://barnowl.mit.edu/