Your message dated Sun, 05 Sep 2010 13:47:57 +0000
with message-id <e1osfzd-0000tt...@franck.debian.org>
and subject line Bug#595057: fixed in fdm 1.6-3
has caused the Debian Bug report #595057,
regarding Denial of service on systems running fdm
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
595057: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595057
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: fdm
Version: 1.5-3
Severity: critical
Justification: breaks unrelated software
When recieving e-mail with attachments sent from my ISP webmail fdm starts
eating all avaiable memory.
Just after 10 seconds it allocates over 300MiB, when over 5GB are allocated
system starts swapping.
As a result, the system is unusable until OOM killer kicks in.
-- System Information:
Debian Release: 5.0.4
APT prefers stable
APT policy: (990, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages fdm depends on:
ii adduser 3.110 add and remove users and groups
ii libc6 2.7-18lenny2 GNU C Library: Shared libraries
ii libpcre3 7.6-2.1 Perl 5 Compatible Regular Expressi
ii libssl0.9.8 0.9.8g-15+lenny6 SSL shared libraries
ii libtdb1 1.1.2~git20080615-1 Trivial Database - shared library
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
fdm recommends no packages.
fdm suggests no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: fdm
Source-Version: 1.6-3
We believe that the bug you reported is fixed in the latest version of
fdm, which is due to be installed in the Debian FTP archive:
fdm_1.6-3.diff.gz
to main/f/fdm/fdm_1.6-3.diff.gz
fdm_1.6-3.dsc
to main/f/fdm/fdm_1.6-3.dsc
fdm_1.6-3_amd64.deb
to main/f/fdm/fdm_1.6-3_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 595...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Frank Terbeck <f...@bewatermyfriend.org> (supplier of updated fdm package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 05 Sep 2010 12:21:09 +0200
Source: fdm
Binary: fdm
Architecture: source amd64
Version: 1.6-3
Distribution: unstable
Urgency: low
Maintainer: Frank Terbeck <f...@bewatermyfriend.org>
Changed-By: Frank Terbeck <f...@bewatermyfriend.org>
Description:
fdm - fetching, filtering and delivering emails
Closes: 595057
Changes:
fdm (1.6-3) unstable; urgency=low
.
* New patch: 06sslretval.patch: Improve SSL error-handling which led to
excessive memory allocation with broken mails. (Closes: #595057)
* New patch: 07incrlinelim.patch: Increase the maximum line limit for a
mail. This is upstream's recommended workaround to let fdm download
broken mails which caused #595057.
Checksums-Sha1:
b2c8e1905bbc872b2a55b077c60497ff225727f4 1020 fdm_1.6-3.dsc
517768adb2fc0a300b9e87025096f1d71adc3aee 8703 fdm_1.6-3.diff.gz
edeb149923c2e82d1c8ef272b55b225939f90233 162940 fdm_1.6-3_amd64.deb
Checksums-Sha256:
b9f54f28ec81ce770d6fa262d1f7a18bd93ed8c82457ab43d9ae3cf4b1a3ff76 1020
fdm_1.6-3.dsc
389353aed66006bd007ab1ab009090f0a93e3d11e0d2ca43f437d37eb9e00a78 8703
fdm_1.6-3.diff.gz
34ed6092faf1f43b735ec29b8fb14d15906b41efb02c4598653d8a3731852813 162940
fdm_1.6-3_amd64.deb
Files:
0d3d082a5fc35eef8d4462a3fa0c6db0 1020 mail optional fdm_1.6-3.dsc
eab57b7143a80babdb7b10a40098f2c4 8703 mail optional fdm_1.6-3.diff.gz
b2fa69216f4c8933ebe05b388257c5a6 162940 mail optional fdm_1.6-3_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkyDncsACgkQHYflSXNkfP/UeACeOwqtcTncZWGqcGQSfuvaIppe
a7cAn1j3BTbEUP72QMD4MxsIZrpQ6L0H
=1I6a
-----END PGP SIGNATURE-----
--- End Message ---
