[htdig3-dev] Re: ITS4 Security results


Subject: [htdig3-dev] Re: ITS4 Security results
From: Geoff Hutchison (ghutchis@wso.williams.edu)
Date: Sat Feb 26 2000 - 12:14:18 PST


Hi,

A few days ago, I e-mailed about the ITS4 automated security scanner.
I tried it out on the code and it found a few places to inspect. I'm
including the most verbose version (this one complains about memcpy)
as an attachment. The author, John Viega <John@list.org>, also said
that he'd consider doing a full audit of our source.

I don't know what sorts of bugs remain, but getting some help
auditing the code would be welcome.

-Geoff

------------------------------------
To unsubscribe from the htdig3-dev mailing list, send a message to
htdig3-dev-unsubscribe@htdig.org
You will receive a message to confirm this.



This archive was generated by hypermail 2b28 : Sat Feb 26 2000 - 12:19:11 PST