On Wed, Dec 03, 08 at 14:40 +0100, Secunia Research wrote: > Hello, > > CVE-2008-5276 is still not properly patched in version 0.9.8. > > The added "i_index_count > ( 0xffffffff / sizeof( rm_index_t ) )" check > is insufficient, allowing values of 0x15555555 to trigger the overflow. It has been fixed in 0.9.8a -- Xtophe