© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
Created an attachment (id=31049)
Quilt patch
The attached quilt patch ignores malformed SHA1Cs so that conversations don't crash. As mentioned earlier, though, there are a lot more places where checking needs to be done to make this framework secure. Check for KeyErrors in the xml, TypeErrors in the decodings, etc. I've managed to cause a crash remotely using several different methods.