Far-NetBox icon indicating copy to clipboard operation
Far-NetBox copied to clipboard

Published 20 hours ago verified publisher icon michaellukashov

Windows: Update Expat to 2.2.3 to fix DLL hijacking (CVE-2017-11742)

Open hartwork opened this issue 8 years ago • 4 comments

Hi!

You seem target Windows and bundle Expat 2.2.2. Please update your bundle to Expat 2.2.3 to fix vulnerability CVE-2017-11742.

Thanks!

hartwork avatar Aug 02 '17 22:08 hartwork

Dir ./Far3 have archive FarNetBox-2.4.4_Far3_x64.7z & FarNetBox-2.4.4_Far3_x86.7z - is NetBox v2.4.4.521 builded VC++2010/CMake 3.9.0. 32-bit for WinXP SP3 / 64-bit for Vista or never OS.

NetBox 2.4.4.521 03.08.2017

  • Issue #249: Update expat sources to 2.2.3
  • Issue #247: bug when session is opened by Ctrl-PgDown
  • Issue #246: SCP: check unusual listing format (https://github.com/michaellukashov/Far-NetBox/issues/246)
  • FTP: use QUIT to disconnect from server
  • Fix AV after reopen connection

Please check it.

VictorVG avatar Aug 03 '17 22:08 VictorVG

Thanks for making a new release! I'm afraid I cannot help with testing on Windows myself.

hartwork avatar Aug 03 '17 23:08 hartwork

Well, what I could, I checked it myself, the rest of the people will help.

VictorVG avatar Aug 04 '17 07:08 VictorVG

Fixed

VictorVG avatar Aug 05 '17 14:08 VictorVG