Security information
To stay up-to-date with the latest developments, see Uptodate.
Security problems with Posadis 0.60.x
Poslib versions prior to 1.0.2-1 have some known security problems, described in advisory 006. Anyone running Poslib 1.0.2 or earlier, or the Windows version of Poslib prior to version 0.60.2-1, is urged to upgrade immediately.
Posadis 0.60.1 and earlier had some Windows-specific issues that are described in advisories 004 and 005.
- pos_adv_004.txt - Fix for Posadis 0.60.x/Poslib 1.0.x for Windows security bug
- pos_adv_005.txt - Fix for Posadis 0.60.x/Poslib 1.0.x for Windows “-mthreads” bug
- pos_adv_006.txt - Poslib multiple vulnerabilities fix
Security problems with Posadis 0.50.x
There have been a few security problems with earlier versions of Posadis. Posadis 0.50.x is still being maintained, however, and security fixes will still be made available for it. We strongly advise you to upgrade to the latest Posadis 0.50.x.
Posadis 0.50.9 currently has two outstanding bugs:
- bug 669919 - the return of the 100% cpu usage bug
- bug 714661 - Crash with 0.50.9
These bugs have been outstanding for quite a long time because they're not easily reproducible and are probably specific to certain software configurations. We will be looking into those bugs, though.
Archived security advisories
- pos_adv_001.txt - Statement on the Posadis format string bugs
- pos_adv_002.txt - Multiple security problems in Posadis 0.50.x
- pos_adv_003.txt - Remote vulnerability in Posadis 0.50.x