-$Id: CHANGES,v 1.64 2000/06/11 17:26:04 stelian Exp $
+$Id: CHANGES,v 1.67 2000/06/30 09:00:38 stelian Exp $
-Changes between versions 0.4b17 and 0.4b18 (released ??????????????)
-====================================================================
+Changes between versions 0.4b17 and 0.4b18 (released June 30, 2000)
+===================================================================
1. Fixed a potential buffer overflow in restore. Thanks
to Stan Bubrouski <satan@fastdial.net> for reporting
to Charles Karney <karney@users.sourceforge.net>
for the bug report.
+3. Changed a few "panic" into "exit", causing restore to
+ be more stable against some attacks (like the last one
+ reported on Bugtraq, although the last version of restore
+ was not vulnerable - just dumped core). Thanks to
+ Andreas Hasenack <andreas@conectiva.com.br> for reporting
+ the bugs to me.
+
+4. Removed the suid-root bit on dump and restore in the
+ default build (and generated RPMs). It should be safer
+ now. Users who need the suid-root capabilities in order
+ to make network backups should read first the man page
+ of dump and enable the suid bit manually.
+
Changes between versions 0.4b16 and 0.4b17 (released June 1st, 2000)
====================================================================
git.wh0rd.org / dump.git / blobdiff