hashcash-1.16 has a format string bug when printing the header, It could be possible to execute code in certain circumstances, but I havnt proved this. At the very least it's a DoS by preventing hashcash users from participating in discussions or dirupting logs/exhausting memory by using huge field widths, eg hashcash -qm -b 8 -r "foo%.5000000x" -X < /dev/null I reported this to the hashcash mailing list (see URL). Reproducible: Always Steps to Reproduce: 1. 2. 3.
Created attachment 52362 [details, diff] hashcash patch obviously correct oneliner for format string vulnerability.
hashcash-1.16-r1 committed - thanks for the patch :)
x86: please test and mark stable
x86 was already there
GLSA 200503-12