The changelog has a number of other bug fixes, which can be read on the website here.A feature-rich text editor application that supports not only plaintext, but a number of programming languages which can act as a Notepad replacement for Windows. I also read in the changelog that another possible memory leak when reading Utf8-16 files has been fixed. In addition, the author writes that he has made another security improvement, in which the uninstaller has now probably also been signed. On the download page, the notes on fixes that can be seen there state that vulnerabilities CVE-2023-40031, CVE-2023-40036, CVE-2023-40164 and CVE-2023-40166 have been fixed. Notepad++ v8.5.7 releasedĪn anonymous blog reader has now pointed out that version 8.5.7 of Notepad++ has been released. One of the vulnerabilities (CVE-2023-40031) can trigger a buffer overflow when converting the Unicode representation from user UTF16 to UTF8. I had gathered more details about the process and the vulnerabilities in the blog post Vulnerabilities in Notepad ++ (Sept. But nothing happened, the developer continuously released new Notepad+++ versions without addressing the vulnerabilities.Īfter that, Jaroslav Lobacevski decided to go public and published the details on his GitHub security page as of August 21, 2023. Security researcher Jaroslav Lobacevski found a total of four vulnerabilities (CVE-2023-40031, CVE-2023-40036, CVE-2023-40164, CVE-2023-40166) in the Notepad ++ editor for Windows and reported them to the developer of the program as early as April 28, 2023.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |