> Even djb's software, intentionally written to be minimalist and as secure as possible, has had exploitable overflows (both qmail and djbdns have suffered from this).

Which of these are you describing as a buffer overflow?

http://www.cvedetails.com/vulnerability-list/vendor_id-9069/...