amsn is vulnerable to a remote DoS attack that contains { } characters on its control port. Also see the upstream mailing list about this: http://sourceforge.net/mailarchive/forum.php?thread_name=2e8fbf7a0704220319m68e0f8d4kc8105749ec6ef85e%40mail.gmail.com&forum_name=amsn-devel
CC'ing maintainers is there a patch available? SF is too slow for me right now to check
fixed versions are: 0.95-r4 and 0.96-r1 Archs: please mark 0.95-r4 stable (or 0.96-r1 if you prefer)
amd64 done, stabled both
x86 stable
Stable for HPPA.
-sparc for us, gcc3-built amsn worked but gcc4 triggers some badness inside that craps it out in the usual sparc fashion (SIGBUS - unaligned memory accesses, bad cast, bad pointer foo).
ppc stable
alpha stable. Sorry about the delay, I was on holidays.
This one is ready for GLSA vote. I tend to vote NO.
/vote no, client DoS.
Changing to full NO and closing. Feel free to reopen if you disagree.