Bernd Zeimetz wrote on 20/12/2005 05:07: Bernd: Please note that I cloned your bug report into two seperate bugs.
> 1. weird %s in syslog: > > For every scanned mail spampd generates several lines like > Dec 20 04:59:31 one spampd[5490]: %s > in the log. After looking through the resolved bugs I think this could > probably be a result of the fix introduced in #332259, probably it's > unnessessary now due to changes in the perl libraries!? That's only a > guess. This seems to be a regression in libnet-server-perl 0.89-1. 0.87-3 (as currently in sarge) works alright. Dear libnet-server-perl maintainer(s): Was there a specific reason to disallow usage of format strings completely in your log() implementation? Wouldn't a filtering for potentially malicious options have been enough? You current solution breaks existing packages (like mine). However, I don't blame you, the incompatible change seems to have been made upstream. However: Are you able to suggest a solution to the problem? For example: Is there a way for a script which uses libnet-server-perl to check it's version? After all, for my package to remain compatible and secure in as many environments as possible, I will need to find out wether I can (and even should) use format strings or not. cu, sven -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
