* https://github.com/williamh/dotconf/commit/6382711e9b0060bbd0408df512e48b2ce9cdb3be * https://github.com/williamh/dotconf/commit/ced5b7e629142dd028acee11f55494c667a4ad49 The second one in particular: """ This fixes a security vulnerability as well as three other bugs. The potential vulnerability lies on lines 280 to 314 of dotconf.c, wherein the "dotconf_get_next_line" function does not use the provided bufsize parameter. This can lead to an overflowing write of the provided buffer when a line that contains an escape at the end is read and is followed by a large following line. While most applications of dotconf seem to trust the configuration file in question, this is a direct buffer overflow which could be used to gain arbitrary code execution. If nothing else, it is certainly a bug. The additional three other related but not security- relevant bugs in lines 259 to 278 in the function "dotconf_continue_line". Namely: 1. a line containing only an escape character followed by a newline or followed by a carriage return + newline leads to a non-exploitable one or two byte buffer underflow read, respectively 2. a line containing a carriage return + newline leads to a single byte buffer underflow read 3. a line of any length ending with an escape followed by a carriage return + newline leads to a miscomputation of the line offset, leading to the escape character being retained I would like to thank Addison Crump <addison.crump@cispa.de> for the fixes. """