Hi.
I think (almost) the same patch applies to sympa-5.2.3 too, which is in
Debian stable.
Such fix should be applied to stable too, I guess
(http://security-tracker.debian.net/tracker/CVE-2008-1648)
I have built a proposed patch to apply to stable's package sources
(attached report from "interdiff -z sympa_5.2.3-1.2.diff.gz
sympa_5.2.3-1.3.diff.gz")
I was unable to test if it works, as I have no message to exhibit the
MIME problem at stake, and I'm not sure the added returncode is valid
also on that old version (should ask upstream maybe ?).
Hope this helps anyway,
Best regards.
Le vendredi 11 avril 2008 à 15:58 +0200, Nico Golde a écrit :
> Hi,
> the attached patch fixes this issue.
> It will be also archive on:
> http://people.debian.org/~nion/nmu-diff/sympa-5.3.4-3_5.3.4-3.1.patch
>
> Kind regards
> Nico
>
--
Olivier BERGER <[EMAIL PROTECTED]> (*NEW ADDRESS*)
http://www-inf.it-sudparis.eu/~olberger/ - OpenPGP-Id: 1024D/6B829EEC
Ingénieur Recherche - Dept INF
Institut TELECOM / TELECOM & Management SudParis (http://www.it-sudparis.eu/),
Evry
diff -u sympa-5.2.3/debian/changelog sympa-5.2.3/debian/changelog
--- sympa-5.2.3/debian/changelog
+++ sympa-5.2.3/debian/changelog
@@ -1,3 +1,11 @@
+sympa (5.2.3-1.3) unstable; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * proposed fix of denial of service via crafted email (Closes: #475163,
+ CVE-2008-1648, thanks to Nico Golde <[EMAIL PROTECTED]> for the report)
+
+ -- Olivier Berger <[EMAIL PROTECTED]> Mon, 14 Apr 2008 14:14:16 +0200
+
sympa (5.2.3-1.2) unstable; urgency=low
* Non-maintainer upload to re-fix l10n issues
only in patch2:
unchanged:
--- sympa-5.2.3.orig/src/PlainDigest.pm
+++ sympa-5.2.3/src/PlainDigest.pm
@@ -158,6 +158,11 @@
my $topent = shift;
my $msgent = $topent->parts(0);
my $wdecode = new MIME::WordDecoder::ISO_8859 (1);
+
+ unless ($msgent) {
+ $outstring .= sprintf(gettext("----- Malformed message ignored -----\n\n"));
+ return undef;
+ }
my $from = $msgent->head->get('From');
my $subject = $msgent->head->get('Subject');
