A remotely exploitable buffer overrun has been reported in Epic.
This issue may reportedly be exploited by a malicious server that
supplies an overly long nickname in a CTCP messages, potentially
allowing for execution of arbitrary code in the context of the
client user.
It may be also be possible for a malicious client to send such a
message, but it is likely that the server will limit the length.
ok brad@
A problem in the handling of some types of remote files has been reported
in mpg123. Because of this, it may be possible for a remote attacker to
execute arbitrary code with the privileges of the mpg123 user.
ok naddy@ jolan@
Minor improvement: ogle_gui now uses gnome2 base libraries.
This unconfuses our linker, that now has one single libxml to take
care of.
(temporary gtk1 flavor, which will probably vanish soon).
okay'ed MAINTAINER.
Feedback by various people.
PgUp/PgDown now work better, various minor improvements.
The port now builds correctly even with an installed older version.
Two bugs were discovered that lead to a buffer overflow in PostgreSQL
in the abstract data type (ADT) to ASCII conversion functions.
It is believed that, under the right circumstances, an attacker may use
this vulnerability to execute arbitrary instructions on the PostgreSQL
server.
ok Brandon Palmer (maintainer)
Zoem is an interpretive macro/programming language.
It can be used as an allround macro language, but has more
specialized uses as well. One such specific use is its support
for creating small mark-up languages that map to different
devices (creating manual pages and FAQs for HTML, troff, and
Postscript). Zoem has character filtering capabilities tailored
to this application. It can also be used for general practical
document creation, allowing semantic mark-up, abstraction from
repeated (mark-up) elements, centralized control, automatic
generation of TOC sections, and more of that cruft.
WWW: http://micans.org/zoem/
from Andreas Kahari <andreas dot kahari at unix dot net>
