An exploitable buffer overflow has been announced by Michael Brooks in the btFiles::BuildFromMI function. See http://www.securityfocus.com/bid/34584/info for further information.
Thanks... this is now fixed in subversion r302 and scheduled for release 3.3.3.
A patch for just the buffer overflow issue is also attached to this record.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
buffer overflow patch
Thanks... this is now fixed in subversion r302 and scheduled for release 3.3.3.
A patch for just the buffer overflow issue is also attached to this record.