Version 1 (modified by nelhage@mit.edu, 14 years ago) (diff) |
---|
BarnOwl 1.5.1 release notes
From: Nelson Elhage <nelhage@mit.edu> To: barnowl-users@mit.edu Subject: BarnOwl 1.5.1 released Hello, We have just released BarnOwl 1.5.1 to our website and into our locker for all supported Athena platforms. We encourage all users to upgrade. BarnOwl 1.5.1 fixes a remotely triggerable buffer overflow in "CC:" handling (CVE-2010-0793), which has potential for remote code execution. In addition, BarnOwl 1.5.1 fixes numerous memory leaks throughout the program. Thank you for using BarnOwl. As usual, any bug reports, questions, or feature requests can be directed to the developers at <barnowl@mit.edu>. - Nelson Elhage for the BarnOwl team [1] http://barnowl.mit.edu/
Addendum: CVE-2010-0793 affects all releases of barnowl prior to 1.5.1. Remote code execution is theoretically possible, but would be very difficult.