Hi ! in errorlog.c there's a call to syslog syslog(priority, buf); (Line: 113) that can cause problems if somebody can get formatting chars to buf (%n for example). I think that more secure way to call syslog is syslog(priority, "%s", buf) -Jarno
Thanks a lot for pointing this out. Fixed now in our current package. Florian La Roche