Holger Levsen wrote: >> The first one doesn't look like a real security problem. > > Please explain why you think that putting arbitrary long strings into fixed= > sized buffers is not a security problem, preferedly in the bugreport. The buffer overflow can only be triggered through a file only root can write to. Cheers, Moritz