Re: Yes, Rat's nest

New Message	Reply	About this list	Date view	Thread view	Subject view	Author view

From: Charles Lindsey (chl@clw.cs.man.ac.uk)
Date: Tue Jul 02 2002 - 14:36:13 CDT

Next message: Henry Spencer: "Re: Yes, Rat's nest"
Previous message: Russ Allbery: "Re: UTF-8 quickfix for moderated groups"
In reply to: Clive D.W. Feather: "Re: Yes, Rat's nest"
Next in thread: Henry Spencer: "Re: Yes, Rat's nest"

In <20020701084034.GF84462@demon.net> "Clive D.W. Feather" <clive@demon.net> writes:

>Or were they related to bad handling of UTF-8 "overlong" sequences ? This
>is a known security hole, and is why all software handling UTF-8 *MUST*
>detect overlong sequences.

Please could you explain in more detail the nature of this particular
security hole?

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131 Fax: +44 161 436 6133   Web: http://www.cs.man.ac.uk/~chl
Email: chl@clw.cs.man.ac.uk      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5

Next message: Henry Spencer: "Re: Yes, Rat's nest"
Previous message: Russ Allbery: "Re: UTF-8 quickfix for moderated groups"
In reply to: Clive D.W. Feather: "Re: Yes, Rat's nest"
Next in thread: Henry Spencer: "Re: Yes, Rat's nest"

New Message	Reply	About this list	Date view	Thread view	Subject view	Author view

This archive was generated by hypermail 2b29.