[Namazu-devel-en] Re: [PATCH] potential buffer overrun in namazu.cgi?
Derek Atkins
warlord at MIT.EDU
Thu May 18 03:24:41 JST 2006
Quoting Tadamasa Teranishi <yw3t-trns at asahi-net.or.jp>:
>> approach to release engineering.. The time to release a 2.0.17pre1
>> and then a 2.0.17 is no more significant than the time to release a
>> 2.0.17 and then a 2.0.18, so why release pre-releases?
>
> This is a story only that coding assumed that VERSION is within 9
> characters is dangerous.
True.
Now that your changes are in CVS and I can look at them, it would be
easy to add {version} back into your infrastructure. At the time I
wrote the patch I didn't see your changes. But I still think I'll
wait for a 2.0.17 release before I update my server.
Thanks,
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord at MIT.EDU PGP key available
More information about the Namazu-devel-en
mailing list