Package: amavisd-new
Version: 1:2.4.2-6.1
Severity: minor
Tags: patch

Hi,

The amavisd package is bundled with some examples of rules to ban / protect attachments based on filename/mime-type. Notably there is this section:

# [ qr'^\.(Z|gz|bz2)$' => 0 ], # allow any in Unix-compressed
# [ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives
# [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within such archives

that is supposed to override banned files within archives; however, un-commenting those lines doesn't work / is not enough, at least for zip archives.

To make it work I had to use the following line:

[ qr'^application/x-zip-compressed$'i => 0],

so here is a proposed patch to include in the package:

--- 20-debian_defaults 2007-02-24 19:30:00.000000000 +0100 +++ 20-debian_defaults 2008-05-19 18:56:07.000000000 +0200
@@ -120,6 +120,7 @@ # [ qr'^\.(Z|gz|bz2)$' => 0 ], # allow any in Unix-compressed # [ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives # [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within such archives +# [ qr'^application/x-zip-compressed$'i => 0], # allow any within such archives qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic # qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta|

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-6-686
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)

Versions of packages amavisd-new depends on:
ii  adduser                      3.102         Add and remove users and groups
ii  debconf [debconf-2.0]        1.5.11etch1   Debian configuration management sy
ii  file                         4.17-5etch3   Determines file type using "magic"
ii  libarchive-tar-perl          1.30-2        Archive::Tar - manipulate tar file
ii  libarchive-zip-perl          1.16-1        Module for manipulation of ZIP arc
ii  libberkeleydb-perl           0.31-1        use Berkeley DB 4 databases from P
ii  libcompress-zlib-perl        1.42-2        Perl module for creation and manip
ii  libconvert-tnef-perl         0.17-5        Perl module to read TNEF files
ii  libconvert-uulib-perl        1.06-1        Perl interface to the uulib librar
pn  libdigest-md5-perl           <none>        (no description available)
ii  libio-stringy-perl           2.110-2       Perl5 modules for IO from scalars
ii  libmailtools-perl            1.74-1        Manipulate email in perl programs
pn  libmime-base64-perl          <none>        (no description available)
ii  libmime-perl                 5.420-0.1     Perl5 modules for MIME-compliant m
ii  libnet-server-perl           0.94-1        An extensible, general perl server
ii  libunix-syslog-perl          0.100-5       Perl interface to the UNIX syslog(
ii  perl [libtime-hires-perl]    5.8.8-7etch3  Larry Wall's Practical Extraction
ii  perl-modules [libnet-perl]   5.8.8-7etch3  Core Perl modules
ii  postfix [mail-transport-age  2.3.8-2+b1    A high-performance mail transport

amavisd-new recommends no packages.
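
Review bot: The trailing comment on the added `application/x-zip-compressed` line in the hunk above repeats "allow any within such archives" word for word from the `.zip|rar|arc|arj|zoo` line before it, so nothing tells the admin why two zip entries exist or which one to enable. Suggest a comment that says this entry matches on the MIME type rather than the extension, and that it is needed in addition to the extension rule for zip archives, as described in the report. Because the entry sits before the `exe|vbs|pif|scr|bat|cmd|com|cpl` ban and allows anything inside a matching archive, the comment should also state that uncommenting it exempts zip contents from that ban. Style nit: the neighbouring entries write `=> 0 ],` with a space before the bracket, while the new line has `=> 0],`.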

-- debconf information excluded