Index > Scribe > Reported Security Vulnerability | |
---|---|
Author/Date | Reported Security Vulnerability |
Jon 11/04/2009 11:51pm | When is there likely to be a fix for the i.scribe security vulnerability reported on a number of sites including
http://www.f-secure.com/vulnerabilities/SA32906 http://secunia.com/advisories/product/20617/ http://www.securityfocus.com/bid/32497 and what level of threat does it really pose? Otherwise I really like this email client for its simplicity and fast loading. Sincerely, Jon A. |
fret 12/04/2009 4:39am | If I can reproduce a problem of course I''ll fix it. But at the moment I think it''s highly unlikely that users connect to random malicious SMTP servers, they connect to their ISP''s server, which can be trusted to a large degree. There is certainly no need to panic.
I find highly annoying that this is how I find out about it. Seriously if you are going research some security problem and post the results on the net, a coutesy email to the software''s author would be in order right? |
Jon 14/04/2009 2:48pm | Thanks - great to know there''s nothing to worry about. Sorry if I offended. It was certainly not intended.
Jon |
fret 16/04/2009 1:01am | I''ve fixed the security issue this morning, and will release the fix in the next beta build of v2.00. |
Reply | |