K 10
svn:author
V 4
stas
K 8
svn:date
V 27
2009-05-29T16:24:23.468631Z
K 7
svn:log
V 542
- Prevent buffer overflow in IPFilter's load_http function used to load
  ipfilter tables via http by the user-level ippool utility. Previously
  the 1024-byte buffer used to store a http request coudld easily overflow
  if the length of the hostname part of the url passes exceeded 496 bytes. [1]
- Use snprintf to prevent possieble buffer overflows in future. [2]
- Do not try to close the descriptor twice on failure. [2]

Reported by:	Maksymilian Arciemowicz <cxib@securityreason.com> [1]
Obtained from:	NetBSD CVS [2]
MFC after:	2 weeks

END