From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 21 Mar 2000 14:18:39 +0000 (+0000)
Subject: curl_unescape() update
X-Git-Tag: curl-6_5_1~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9e4d9346a7429e14d03bdb1c19862a43338e57b8;p=thirdparty%2Fcurl.git

curl_unescape() update
---

diff --git a/CHANGES b/CHANGES
index 0d1971dee8..7026b9d391 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,7 +6,14 @@
 
                                History of Changes
 
-Version XX
+Version 6.5.1
+
+Daniel (20 March 2000):
+- An anynomous post on sourceforge correctly pointed out a possible buffer
+  overflow in the curl_unescape() function for URL convertions. The main
+  problem with this bug is that the ftp download uses that function and this
+  single- byte overflow could lead to very odd bugs (as one reported by Janne
+  Johansson).
 
 Daniel (19 March 2000):
 - Marco G. Salvagno <mgs@whiz.cjb.net> supplied me with a series of patches