Your message dated Sat, 23 Jan 2016 13:57:15 +0000 with message-id <1453557435.1835.52.camel@adam-barratt.org.uk> and subject line 8.3 point release cleanup has caused the Debian Bug report #803569, regarding jessie-pu: package exim4/4.84-8+deb8u1 to be marked as done.

This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.)

-- 
803569: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803569
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: jessie-pu: package exim4/4.84-8+deb8u1
- From: Andreas Metzler <ametzler@bebt.de>
- Date: Sat, 31 Oct 2015 14:33:10 +0100
- Message-id: <20151031133310.GA18000@downhill.g.la>
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian.org@packages.debian.org
Usertags: pu

Hello,

I would like to fix 803562 in jessie. Exim's MIME checking ACL (available in exim4-daemon-heavy) was found to not correctly handle some broken MIME containers. Jessie contains most of the fixes, but some additional issues were found later.

Debian's default setup does not set either acl_not_smtp_mime or acl_smtp_mime and is therefore not affected.

cu Andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.'
`I sew his ears on from time to time, sure'

File lists identical (after any substitutions) Control files of package exim4: lines which differ (wdiff format) ----------------------------------------------------------------- Depends: debconf (>= 0.5) | debconf-2.0, debconf (>= 1.4.69) | cdebconf (>= 0.39), exim4-base (>= [-4.84-8),-] {+4.84-8+deb8u1),+} exim4-base (<< [-4.84-8.1),-] {+4.84-8+deb8u1.1),+} exim4-daemon-light | exim4-daemon-heavy | exim4-daemon-custom Version: [-4.84-8-] {+4.84-8+deb8u1+} Control files of package exim4-base: lines which differ (wdiff format) ---------------------------------------------------------------------- Version: [-4.84-8-] {+4.84-8+deb8u1+} Control files of package exim4-config: lines which differ (wdiff format) ------------------------------------------------------------------------ Version: [-4.84-8-] {+4.84-8+deb8u1+} Control files of package exim4-daemon-heavy: lines which differ (wdiff format) ------------------------------------------------------------------------------ Depends: exim4-base (>= 4.84), libc6 (>= 2.15), libdb5.3, libgnutls-deb0-28 (>= 3.3.0), libldap-2.4-2 (>= 2.4.7), libmysqlclient18 (>= 5.5.24+dfsg-1), libpam0g (>= 0.99.7.1), libpcre3 (>= 1:8.35), libperl5.20 (>= [-5.20.1),-] {+5.20.2),+} libpq5, libsasl2-2, libsqlite3-0 (>= 3.5.9), debconf (>= 0.5) | debconf-2.0 Version: [-4.84-8-] {+4.84-8+deb8u1+} Control files of package 
exim4-daemon-heavy-dbg: lines which differ (wdiff format) ---------------------------------------------------------------------------------- Version: [-4.84-8-] {+4.84-8+deb8u1+} Control files of package exim4-daemon-light: lines which differ (wdiff format) ------------------------------------------------------------------------------ Version: [-4.84-8-] {+4.84-8+deb8u1+} Control files of package exim4-daemon-light-dbg: lines which differ (wdiff format) ---------------------------------------------------------------------------------- Installed-Size: [-2078-] {+2079+} Version: [-4.84-8-] {+4.84-8+deb8u1+} Control files of package exim4-dbg: lines which differ (wdiff format) --------------------------------------------------------------------- Version: [-4.84-8-] {+4.84-8+deb8u1+} Control files of package exim4-dev: lines which differ (wdiff format) --------------------------------------------------------------------- Version: [-4.84-8-] {+4.84-8+deb8u1+} Control files of package eximon4: lines which differ (wdiff format) ------------------------------------------------------------------- Version: [-4.84-8-] {+4.84-8+deb8u1+} diff -Nru exim4-4.84/debian/changelog exim4-4.84/debian/changelog --- exim4-4.84/debian/changelog 2015-02-17 18:00:49.000000000 +0100 +++ exim4-4.84/debian/changelog 2015-10-31 13:55:10.000000000 +0100 
@@ -1,3 +1,12 @@ +exim4 (4.84-8+deb8u1) jessie; urgency=medium + + * Pull 85_Fix-crash-in-mime-acl-when-a-parameter-is-unterminat.patch + and 86_Avoid-crash-with-badly-terminated-non-recognised-mim.patch from + upstream GIT to fixup more MIME ACL related crashes. (Thanks, Lutz + Preßler) Closes: #803562 + + -- Andreas Metzler <ametzler@debian.org> Mon, 26 Oct 2015 17:42:16 +0100 + exim4 (4.84-8) unstable; urgency=medium * Pull 83_Remove-limit-on-remove_headers-item-size.-Bug-1533.patch and diff -Nru exim4-4.84/debian/patches/85_Fix-crash-in-mime-acl-when-a-parameter-is-unterminat.patch exim4-4.84/debian/patches/85_Fix-crash-in-mime-acl-when-a-parameter-is-unterminat.patch --- exim4-4.84/debian/patches/85_Fix-crash-in-mime-acl-when-a-parameter-is-unterminat.patch 1970-01-01 01:00:00.000000000 +0100 +++ exim4-4.84/debian/patches/85_Fix-crash-in-mime-acl-when-a-parameter-is-unterminat.patch 2015-10-31 13:50:54.000000000 +0100 
@@ -0,0 +1,77 @@ +From bf485bf34df3fc2214765497a5552851c6a8977a Mon Sep 17 00:00:00 2001 +From: Jeremy Harris <jgh146exb@wizmail.org> +Date: Tue, 30 Dec 2014 20:39:02 +0000 +Subject: [PATCH] Fix crash in mime acl when a parameter is unterminated + +Verified-by: Wolfgang Breyha <wbreyha@gmx.net> +--- + src/mime.c | 33 +++++++++++---------------------- + test/confs/4000 | 1 + + test/log/4000 | 9 ++++++--- + test/mail/4000.userx | 36 ++++++++++++++++++++++++++++++++++++ + test/scripts/4000-scanning/4000 | 27 +++++++++++++++++++++++++++ + test/stdout/4000 | 11 +++++++++++ + 6 files changed, 92 insertions(+), 25 deletions(-) + +diff --git a/src/mime.c b/src/mime.c +index a61e9f2..e5fe476 100644 +--- a/src/mime.c ++++ b/src/mime.c +@@ -599,46 +599,35 @@ NEXT_PARAM_SEARCH: + /* found an interesting parameter? */ + if (strncmpic(mp->name, p, mp->namelen) == 0) + { +- uschar * q = p + mp->namelen; +- int plen = 0; + int size = 0; + int ptr = 0; + + /* yes, grab the value and copy to its corresponding expansion variable */ +- while(*q && *q != ';') /* ; terminates */ +- if (*q == '"') ++ p += mp->namelen; ++ while(*p && *p != ';') /* ; terminates */ ++ if (*p == '"') + { +- q++; /* skip leading " */ +- plen++; /* and account for the skip */ +- while(*q && *q != '"') /* " protects ; */ +- { +- param_value = string_cat(param_value, &size, &ptr, q++, 1); +- plen++; +- } +- if (*q) +- { +- q++; /* skip trailing " */ +- plen++; +- } ++ p++; /* skip leading " */ ++ while(*p && *p != '"') /* " protects ; */ ++ param_value = string_cat(param_value, &size, &ptr, p++, 1); ++ if (*p) p++; /* skip trailing " */ + } + else +- { +- param_value = string_cat(param_value, &size, &ptr, q++, 1); +- plen++; +- } ++ param_value = string_cat(param_value, &size, &ptr, p++, 1); ++ if (*p) p++; /* skip trailing ; */ + + if (param_value) + { ++ uschar * dummy; + param_value[ptr++] = '\0'; + + param_value = rfc2047_decode(param_value, +- check_rfc2047_length, NULL, 32, NULL, &q); ++ 
check_rfc2047_length, NULL, 32, NULL, &dummy); + debug_printf("Found %s MIME parameter in %s header, " + "value is '%s'\n", mp->name, mime_header_list[i].name, + param_value); + } + *mp->value = param_value; +- p += mp->namelen + plen + 1; /* name=, content, ; */ + goto NEXT_PARAM_SEARCH; + } + } diff -Nru exim4-4.84/debian/patches/86_Avoid-crash-with-badly-terminated-non-recognised-mim.patch exim4-4.84/debian/patches/86_Avoid-crash-with-badly-terminated-non-recognised-mim.patch --- exim4-4.84/debian/patches/86_Avoid-crash-with-badly-terminated-non-recognised-mim.patch 1970-01-01 01:00:00.000000000 +0100 +++ exim4-4.84/debian/patches/86_Avoid-crash-with-badly-terminated-non-recognised-mim.patch 2015-10-31 13:50:54.000000000 +0100 
@@ -0,0 +1,59 @@ +From e7c25d5b603a33e677efc4bccb6e5cac617e7ad5 Mon Sep 17 00:00:00 2001 +From: Jeremy Harris <jgh146exb@wizmail.org> +Date: Thu, 1 Jan 2015 21:47:10 +0000 +Subject: [PATCH] Avoid crash with badly-terminated non-recognised mime + parameter + +--- + src/mime.c | 18 +++++++++++------- + test/log/4000 | 3 +++ + test/mail/4000.userx | 42 +++++++++++++++++++++++++++++++++++++++++ + test/scripts/4000-scanning/4000 | 32 +++++++++++++++++++++++++++++++ + test/stdout/4000 | 11 +++++++++++ + 5 files changed, 99 insertions(+), 7 deletions(-) + +diff --git a/src/mime.c b/src/mime.c +index e5fe476..948dd78 100644 +--- a/src/mime.c ++++ b/src/mime.c +@@ -589,6 +589,7 @@ DECODE_HEADERS: + NEXT_PARAM_SEARCH: + while (*p) + { ++ /* debug_printf(" considering paramlist '%s'\n", p); */ + mime_parameter * mp; + for (mp = mime_parameter_list; + mp < &mime_parameter_list[mime_parameter_list_size]; +@@ -623,7 +624,7 @@ NEXT_PARAM_SEARCH: + + param_value = rfc2047_decode(param_value, + check_rfc2047_length, NULL, 32, NULL, &dummy); +- debug_printf("Found %s MIME parameter in %s header, " ++ debug_printf(" Found %s MIME parameter in %s header, " + "value is '%s'\n", mp->name, mime_header_list[i].name, + param_value); + } +@@ -631,14 +632,17 @@ NEXT_PARAM_SEARCH: + goto NEXT_PARAM_SEARCH; + } + } +- /* There is something, but not one of our interesting parameters. +- Advance to the next semicolon */ +- while(*p != ';') ++ /* There is something, but not one of our interesting parameters. ++ Advance to the next unquoted semicolon */ ++ while(*p && *p != ';') ++ if (*p == '"') + { +- if (*p == '"') while(*++p && *p != '"') ; +- p++; ++ while(*++p && *p != '"') ; ++ if (*p) p++; + } +- p++; ++ else ++ p++; ++ if (*p) p++; + } + } + } diff -Nru exim4-4.84/debian/patches/series exim4-4.84/debian/patches/series --- exim4-4.84/debian/patches/series 2015-02-17 17:55:04.000000000 +0100 +++ exim4-4.84/debian/patches/series 2015-10-31 13:50:54.000000000 +0100 
@@ -13,3 +13,5 @@ 82_quoted-or-r-2047-encoded.diff 83_Remove-limit-on-remove_headers-item-size.-Bug-1533.patch 84_Fix-truncation-of-items-in-headers_remove-lists-this.patch +85_Fix-crash-in-mime-acl-when-a-parameter-is-unterminat.patch +86_Avoid-crash-with-badly-terminated-non-recognised-mim.patchAttachment: signature.asc
Description: PGP signature
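Review bot: In the src/mime.c hunk of 85_Fix-crash-in-mime-acl-when-a-parameter-is-unterminat.patch, the error pointer handed to rfc2047_decode() becomes a local `dummy` that is never read, and the return value goes straight into the debug_printf '%s' argument and `*mp->value`; if the decoder can fail on a malformed value, that failure should be checked here, or a comment should say why it can be ignored. The pointer handling itself is tighter: `if (*p) p++;` replaces the unconditional `p += mp->namelen + plen + 1;`, so `p` is no longer stepped past the terminating NUL of an unterminated parameter. The patch header's diffstat still lists five test/ files while only the src/mime.c change is carried in these 77 lines, so a line in the header saying the upstream test cases were dropped would avoid confusion.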
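Review bot: In the `@@ -631,14 +632,17 @@` hunk of 86_Avoid-crash-with-badly-terminated-non-recognised-mim.patch, the new skip loop hangs an unbraced if/else off `while(*p && *p != ';')` and is followed directly by `if (*p) p++;`, so it is easy to misread whether the semicolon skip belongs to the loop body; braces around the while body would make that explicit. The two earlier hunks in the same patch are not needed for the crash fix: one adds a commented-out debug_printf ahead of the `mime_parameter * mp;` declaration and the other only adds a leading space to a debug string, and a stable update would be easier to audit without them. As with patch 85, the diffstat names four test/ files that are not part of these 59 lines.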
--- End Message ---
--- Begin Message ---
- To: 783355-done@bugs.debian.org, 784944-done@bugs.debian.org, 787021-done@bugs.debian.org, 787423-done@bugs.debian.org, 791403-done@bugs.debian.org, 792468-done@bugs.debian.org, 792806-done@bugs.debian.org, 793556-done@bugs.debian.org, 794940-done@bugs.debian.org, 796281-done@bugs.debian.org, 797170-done@bugs.debian.org, 797710-done@bugs.debian.org, 798028-done@bugs.debian.org, 798584-done@bugs.debian.org, 798749-done@bugs.debian.org, 798889-done@bugs.debian.org, 798890-done@bugs.debian.org, 798891-done@bugs.debian.org, 798892-done@bugs.debian.org, 798893-done@bugs.debian.org, 798895-done@bugs.debian.org, 799033-done@bugs.debian.org, 799070-done@bugs.debian.org, 799229-done@bugs.debian.org, 799230-done@bugs.debian.org, 799369-done@bugs.debian.org, 799477-done@bugs.debian.org, 799758-done@bugs.debian.org, 799777-done@bugs.debian.org, 800006-done@bugs.debian.org, 800664-done@bugs.debian.org, 800793-done@bugs.debian.org, 800881-done@bugs.debian.org, 801095-done@bugs.debian.org, 801098-done@bugs.debian.org, 801100-done@bugs.debian.org, 801304-done@bugs.debian.org, 801318-done@bugs.debian.org, 801441-done@bugs.debian.org, 801580-done@bugs.debian.org, 801743-done@bugs.debian.org, 801851-done@bugs.debian.org, 801892-done@bugs.debian.org, 802851-done@bugs.debian.org, 802879-done@bugs.debian.org, 802900-done@bugs.debian.org, 802942-done@bugs.debian.org, 803362-done@bugs.debian.org, 803467-done@bugs.debian.org, 803490-done@bugs.debian.org, 803569-done@bugs.debian.org, 803678-done@bugs.debian.org, 803730-done@bugs.debian.org, 804157-done@bugs.debian.org, 804172-done@bugs.debian.org, 804208-done@bugs.debian.org, 804381-done@bugs.debian.org, 804383-done@bugs.debian.org, 804734-done@bugs.debian.org, 804885-done@bugs.debian.org, 805024-done@bugs.debian.org, 805127-done@bugs.debian.org, 805190-done@bugs.debian.org, 805214-done@bugs.debian.org, 805260-done@bugs.debian.org, 805293-done@bugs.debian.org, 805383-done@bugs.debian.org, 805634-done@bugs.debian.org, 
805721-done@bugs.debian.org, 805894-done@bugs.debian.org, 806129-done@bugs.debian.org, 806165-done@bugs.debian.org, 806247-done@bugs.debian.org, 806252-done@bugs.debian.org, 806338-done@bugs.debian.org, 806529-done@bugs.debian.org, 806640-done@bugs.debian.org, 807129-done@bugs.debian.org, 807140-done@bugs.debian.org, 807142-done@bugs.debian.org, 807273-done@bugs.debian.org, 807280-done@bugs.debian.org, 807467-done@bugs.debian.org, 807489-done@bugs.debian.org, 807515-done@bugs.debian.org, 807576-done@bugs.debian.org, 807612-done@bugs.debian.org, 807828-done@bugs.debian.org, 807917-done@bugs.debian.org, 808559-done@bugs.debian.org, 808890-done@bugs.debian.org, 809200-done@bugs.debian.org, 809255-done@bugs.debian.org, 809258-done@bugs.debian.org, 809307-done@bugs.debian.org, 809534-done@bugs.debian.org, 809561-done@bugs.debian.org, 809688-done@bugs.debian.org, 809757-done@bugs.debian.org, 809824-done@bugs.debian.org, 810004-done@bugs.debian.org, 810111-done@bugs.debian.org, 810130-done@bugs.debian.org, 810542-done@bugs.debian.org, 810760-done@bugs.debian.org, 810887-done@bugs.debian.org, 811132-done@bugs.debian.org, 811320-done@bugs.debian.org, 792779-done@bugs.debian.org
- Subject: 8.3 point release cleanup
- From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Date: Sat, 23 Jan 2016 13:57:15 +0000
- Message-id: <1453557435.1835.52.camel@adam-barratt.org.uk>
Version: 8.3

Hi,

The updates referred to in these bugs were included in today's 8.3 Jessie point release.

Regards,

Adam
--- End Message ---