pidgin/nest

Update the changelog for the 2.14.7 release
default tip
10 days ago, Gary Kramlich
d040bee36d7c
Update the changelog for the 2.14.7 release

Testing Done:
None

Reviewed at https://reviews.imfreedom.org/r/928/
---
title: cve-2004-0785-01
date: 2004-08-26T00:00:00.000Z
cveNumber: cve-2004-0785
summary: Local hostname resolution buffer overflow
discoveredBy: Sean (infamous42md)
fixedInRelease: 0.82
type: security
layout: cve
hidden: true
---
### Description
Buffer overflow. If the local computer's host name is not in /etc/hosts, and
the computer performs a DNS query to obtain its hostname when signing on to
zephyr, it could receive a reply with a hostname greater than `MAXHOSTNAMELEN`
(generally 64 bytes). If `gethostbyname()` does not ensure the size of
`hostent->h_name` is less than `MAXHOSTNAMELEN`, this value would be copied to
a buffer that is not large enough.
### Mitigation
The calls to copy the hostname were replaced with calls that check the length
of the destination buffer.