Spread 3.17.1 released
It can be downloaded
here.
This release includes a number of bugfixes, including some that fix
daemon crashes and potential security issues, and some small cleanups
and stability improvements. So we highly encourage everyone to
upgrade to this release.
The 3.17.1 release has no new features, api changes or other dramatic
changes. The potential security issue is a buffer overflow in the C
language CLIENT library that could be exploited by a malicious daemon
or man-in-the-middle attack to execute code with the privileges of the
user running the client. This bug was uncovered by a DARPA funded
Red Team from SRI who were evaluating Spread and Secure Spread.
|