Wed, 22 Jan 2025 21:35:51 -0600
Updates for the 2.14.14 release
Testing Done:
Ran `npm run hugo:server` and verified the download links and changelog were displayed properly.
Reviewed at https://reviews.imfreedom.org/r/3782/
--- title: independent-20040826-00 date: 2004-08-26T00:00:00.000Z cveNumber: talosReportId: summary: Content-length DOS (malloc error) discoveredBy: Sean (infamous42md) fixedInRelease: 0.82 type: security layout: cve hidden: true --- ### Description Remote crash. When a remote server provides a large `content-length` header value, Gaim will attempt to allocate a buffer to store the content, however this allocation attempt will cause Gaim to crash if the length exceeds the amount of possible memory. This happens when reading profile information on some protocols. It also happens when smiley themes are installed via drag and drop. ### Mitigation The call to `g_malloc()` was replaced with a call to `g_try_malloc()`. If the memory could not be allocated the function returns instead of causing the application to crash.