The following includes changes that comprise version 2.0:
* Wed Jan 20 2001 Timothy Tsai <ttsai@avaya.com>
- vfprintf.c:
	- Incorporated *printf() code from libc-2.1.3-91.src.rpm.  This code
	  fixes a bug for sprintf(), when the same buffer occurs as the
	  destination buffer and a source buffer (e.g., "sprintf(buf, "%s...",
	  buf, ...)).
	- Introduced code to check for printf format bugs.  The code detects
	    - overwriting of return addresses via printf("%n", ...)
	    - printf argument lists that span multiple stack frames
* Wed Jan 17 2001 Timothy Tsai <ttsai@avaya.com>
- vfscanf.c:
	- Replaced iovfscanf.c with vfscanf.c from libc-2.1.3-91.src.rpm.  This
	  updated version supports more field modifiers and conversions.
* Mon Nov 15 2000 Timothy Tsai <ttsai@avaya.com>
- util.c:_libsafe_stackVariableP():
	- Added code to see if the stack contains stack frames with frame
	  pointers.  If frame pointers are missing, then
	  _libsafe_stackVariableP() always returns 0, which means that checking
	  for buffer overflows is disabled.  This addition is needed to handle
	  code compiled with -fomit-frame-pointer.  [-fomit-frame-pointer
	  incompatability reported by Solar Designer, Michael Sweet, and
	  others.]
- util.c:_libsafe_die():
	- Change the mail notification mechanism.  Instead of relying on an
	  external mail program, email messages are now sent by directly
	  communicating with the SMTP port.  [Security vulnerabilities of email
	  raised by by Solar Designer and others.]
	- Added code to print the UID and effective UID of the user.  Note that
	  this is the user who started the process, who may not necessarily be
	  the attacker.  [Suggested by Duane Dunston.]
	- Added code to print the address of the code that called the unsafe
	  function that was detected by lisafe.
	- Added code to optionally generate a core dump upon exit.  [Suggested
	  by Aaron Hopkins.]
	- Added debugging code to turn off adding entries to syslog.  This is
	  useful during testing when a large number of test violations are
	  detected.  The code must be enabled with the -DDEBUG_TURN_OFF_SYSLOG
	  option in the Makefile.
	- Added dying flag to effectively disable _libsafe_stackVariableP()
	  after _libsafe_die() has been called.
- util.c:find_stack_start():
	- find_stack_start() replaces _libsafe_initialize_start_stack().
	  find_stack_start() works for multi-threaded processes and is less
	  kludgy.
- util.c:_libsafe_dump_stack():
	- Added this function to print out the contents of the stack when a
	  violation is detected.  This function is called from _libsafe_die()
	  and must be enabled with the -DDUMP_STACK option in the Makefile.
- intercept.c:gets():
	- Added extra code to make sure that the libsafe gets() treats newlines
	  the same way the libc gets() does.  [Suggested by Jutta Degener.]
- intercept.c:getwd():
	- Added code to make sure no more than PATH_MAX characters are
	  returned.  [Suggested by Jutta Degener.]
- intercept.c:
	- Made "static memcpy_t real_memcpy" a global variable since four
	  functions access it.  This increases the performance very slightly.
	  [Suggested by Paul Boehm.]
- iovfscanf.c:
	- Corrected bug in code that improperly processed format specifiers
	  with explicit field widths for char types.  [Bug reported by Bojan
	  Pogacar.]
- depend: removed from the package

* Fri April 21 2000 Arash Baratloo <arash@research.bell-labs.com>
- Corrected couple of bugs (in util.c) that kept libsafe from running on RH5.1
- Added dependencies to the Makefile
	
* Thu Mar 30 2000 Vandoorselaere Yoann <yoann@mandrakesoft.com>
* Thu Mar 30 2000 Arash Baratloo <arash@research.bell-labs.com>
- Update to 1.3
- Rename copying.lib to copying
- Use _exit because an sigsegv can be caught.

* Thu Mar 30 2000 Vandoorselaere Yoann <yoann@mandrakesoft.com>
- Removed a dangerous debugging function.
- Removed the mail_list file specified by variable feature ( could lead to
  attack ).
- Removed all c++ comment... reindent all code.
- Removed dead code.
- renamed int script to int.sh.
- Removed unused check from _libsafe_stackVariableP() ( stack_start is
  initialized in intercept.c ).

* Thu Mar 09 2000 Vandoorselaere Yoann <yoann@mandrakesoft.com>
	- int : use bash
	- Makefile : make clean work now :)
	- intercept.c : don't initialize static function pointer at .text init
	  time.
	- intercept.c : reindented + c++ to c comment :)
	- intercept.c : getLibraryFunction -> use const
	- added intercept.c , will be a c port of intercept.cpp
	- util.c: added warning, for a problem i'm not sure of
	- util.c: don't use non portable asm instruction to make the program
	  exit, use a clean portable way to do it...
	- util.c: never use system cause it can be a security problem.
	- util.c: Use the first variable stack address as the sp address.
	- util.c: Use unsigned long cause it is a word long on all architecture.
	- Imported libsafe source, created module, created changelog.
