Bug#930882: marked as done (unblock: schleuder/3.4.0-2)

To: Paul Gevers <elbrus@debian.org>
Subject: Bug#930882: marked as done (unblock: schleuder/3.4.0-2)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sat, 22 Jun 2019 18:00:11 +0000
Message-id: <[🔎] handler.930882.D930882.156122622328925.ackdone@bugs.debian.org>
Reply-to: 930882@bugs.debian.org
References: <a62f488a-fb01-d12f-f967-80dc5c7cb36d@debian.org> <[🔎] 20190621205414.GC1634@debian>

Your message dated Sat, 22 Jun 2019 19:56:59 +0200
with message-id <a62f488a-fb01-d12f-f967-80dc5c7cb36d@debian.org>
and subject line Re: Bug#930882: unblock: schleuder/3.4.0-2
has caused the Debian Bug report #930882,
regarding unblock: schleuder/3.4.0-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
930882: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930882
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org
Subject: unblock: schleuder/3.4.0-2
From: Georg Faerber <georg@debian.org>
Date: Fri, 21 Jun 2019 20:54:14 +0000
Message-id: <[🔎] 20190621205414.GC1634@debian>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Dear release team,

Please unblock schleuder 3.4.0-2.

I've just uploaded it to unstable, it ships a fix to allow Schleuder
handle mails produced by Mutt 1.12.0, which was recently released, with
protected headers. Without this fix, Schleuder is unable to handle these
messages, and crashes. The problem was reported by a user some days ago
[1]; a fix was proposed [2], which is tested and already used in
production.

Please find the debdiff attached.

unblock schleuder/3.4.0-2

Thanks for your work,
cheers,
Georg


[1] https://0xacab.org/schleuder/schleuder/issues/430
[2] https://0xacab.org/schleuder/schleuder/merge_requests/290

diff -Nru schleuder-3.4.0/debian/changelog schleuder-3.4.0/debian/changelog
--- schleuder-3.4.0/debian/changelog	2019-02-14 17:10:34.000000000 +0000
+++ schleuder-3.4.0/debian/changelog	2019-06-21 19:05:42.000000000 +0000
@@ -1,3 +1,15 @@
+schleuder (3.4.0-2) unstable; urgency=medium
+
+  * debian/patches:
+    - Pull in upstream patch to handle mails with protected headers as
+      introduced in Mutt 1.12.0, which was recently released. These headers
+      are just contained within the plain body of a mail produced by Mutt,
+      they are not further wrapped into a specifically marked MIME-part.
+      Schleuder fails to handle such messages, accordingly, this patch fixes
+      this behaviour. (Closes: #930870)
+
+ -- Georg Faerber <georg@debian.org>  Fri, 21 Jun 2019 19:05:42 +0000
+
 schleuder (3.4.0-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru schleuder-3.4.0/debian/patches/0017-mutt-protected-headers.patch schleuder-3.4.0/debian/patches/0017-mutt-protected-headers.patch
--- schleuder-3.4.0/debian/patches/0017-mutt-protected-headers.patch	1970-01-01 00:00:00.000000000 +0000
+++ schleuder-3.4.0/debian/patches/0017-mutt-protected-headers.patch	2019-06-21 19:05:42.000000000 +0000
@@ -0,0 +1,107 @@
+Description: Handle protected headers produced by Mutt 1.12.0
+  Mutt 1.12.0, which was recently released, introduced protected headers. These
+  headers are just contained within the plain body of a mail produced by Mutt,
+  they are not further wrapped into a specifically marked MIME-part. Schleuder
+  fails to handle such messages, accordingly, this patch fixes this behaviour.
+Origin: upstream
+Forwarded: not-needed
+Applied-Upstream: 0651daf54a520906583aa6de4bb3854575fcb963
+Last-Update: 2019-06-20
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: schleuder/lib/schleuder/mail/message.rb
+===================================================================
+--- schleuder.orig/lib/schleuder/mail/message.rb
++++ schleuder/lib/schleuder/mail/message.rb
+@@ -55,7 +55,7 @@ module Mail
+         new.protected_headers_subject = self.subject.dup
+
+         # Delete the protected headers which might leak information.
+-        if new.parts.first.content_type == "text/rfc822-headers; protected-headers=v1"
++        if new.parts.first && new.parts.first.content_type == "text/rfc822-headers; protected-headers=v1"
+           new.parts.shift
+         end
+       end
+Index: schleuder/spec/fixtures/mutt_protected_headers.txt
+===================================================================
+--- /dev/null
++++ schleuder/spec/fixtures/mutt_protected_headers.txt
+@@ -0,0 +1,47 @@
++From schleuder@example.org Thu Jun 13 15:19:33 2019
++Received: from 127.0.0.1 (helo=localhost.localdomain)
++	by mail.example.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
++	(Exim 4.92)
++	id 1hbPdc-0007GN-6b
++	for schleuder@example.org; Thu, 13 Jun 2019 15:19:32 +0200
++Date: Thu, 13 Jun 2019 15:19:30 +0200
++From: dev <schleuder@example.org>
++To: schleuder@example.org
++Subject: ...
++Message-ID: <20190613131930.ABC@xyz>
++MIME-Version: 1.0
++Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";
++	boundary="z6Eq5LdranGa6ru8"
++Content-Disposition: inline
++
++
++--z6Eq5LdranGa6ru8
++Content-Type: application/pgp-encrypted
++Content-Disposition: attachment
++
++Version: 1
++
++--z6Eq5LdranGa6ru8
++Content-Type: application/octet-stream
++Content-Disposition: attachment; filename="msg.asc"
++
++-----BEGIN PGP MESSAGE-----
++
++hQIMA691X8Gl2MArAQ//SFZyc/TD/9PYMddJcUIp4F85wsoCUZUaVLpKBzUZdrLv
++rln9bgaou4MiUXF8ZTSqq2ET6A3X7+wpDjs79KiDJnILUmguGDT2KTkyD8lxP9nd
++oIKtqKdf95AYGmItYkaQqdZf1No2q4ZBQNWXp8+LZgxINn5AW+9wuOo8F9w+tyZJ
++8r9jlj5TJ0YnVp5FieKMMyxiSOCGX8lAaqi4TbML35OWrnL8Decsz5tTX4jfqr8L
++cvNuIpa863WkbZxMxLEEn4/yC6upmOnU3eSZ9M/UoXiqgBsd01KEoOvmIIPOgGce
++IaCxO4zuoPvtcQsuinlLCI2oX9mpex6iTMGmD1J0G9FNGI3OHkwZcahw+4/3dv9K
++jfUjm6XwndtYi6ifAPAf8M8RT84hFlZKqR7IpGmpqWnLZx6BcFV0RDu8GCIPD6Fr
++UeLu1hGLD3SMbKy9zSR4lDSkMRvCUumXAebtEvfp7dfQ9Z8I866J5/9EZIDH88M1
++Rb9agaBlwwr8Oy0hzC3rwvLyqXi1KD79f+YmGL0yatYPTm37qCE+QdfXCkesN6jg
++SV3zjtpBalP0KMCtAhouFf6xDz615nWvC5NRh2yzYOhSVfmZEVrB9Zz7GZx8rsMi
++2U0ALYJIc6EI0uc/sLZ9dYu6hBa72VmSe90zS5IE2ZYB24GnzXV95iMsvH35/4vS
++igFWNQmHxWc9GfwgXN2/P2k4zokCxywLLhoa5xoy+SGmipz2pU8IS4chGT6H5edU
++/CdBAAdHw7eNgXkuctH9eAM7WE/yu+1tmAPUvzr3ojFyXF+L8d8gcCbOJA4scHb6
++/L8B0J+CZG/dkMDxU/xjyc7zz8not13HTr6xklMUIam/OzM95YFmleAN4g==
++=l547
++-----END PGP MESSAGE-----
++
++--z6Eq5LdranGa6ru8--
+Index: schleuder/spec/schleuder/integration/protected_headers_spec.rb
+===================================================================
+--- schleuder.orig/spec/schleuder/integration/protected_headers_spec.rb
++++ schleuder/spec/schleuder/integration/protected_headers_spec.rb
+@@ -85,4 +85,26 @@ describe "protected subject" do
+
+     teardown_list_and_mailer(list)
+   end
++
++  it "works with mutt protected headers" do
++    list = create(:list)
++    list.subscribe("schleuder@example.org", '59C71FB38AEE22E091C78259D06350440F759BD3', true)
++    mail = Mail.read("spec/fixtures/mutt_protected_headers.txt")
++    mail.deliver
++
++    encrypted_mail = Mail::TestMailer.deliveries.first
++    Mail::TestMailer.deliveries.clear
++
++    begin
++      Schleuder::Runner.new().run(encrypted_mail.to_s, list.email)
++    rescue SystemExit
++    end
++    raw = Mail::TestMailer.deliveries.first
++    message = Mail.create_message_to_list(raw.to_s, list.request_address, list).setup
++
++    expect(message.parts[1].body.to_s).to eql("Subject: x\n")
++    expect(message.parts[2].body.to_s).to eql("test\n")
++
++    teardown_list_and_mailer(list)
++  end
+ end
diff -Nru schleuder-3.4.0/debian/patches/series schleuder-3.4.0/debian/patches/series
--- schleuder-3.4.0/debian/patches/series	2019-02-14 17:10:34.000000000 +0000
+++ schleuder-3.4.0/debian/patches/series	2019-06-21 19:05:42.000000000 +0000
@@ -6,3 +6,4 @@
 0005-man-fix-log-path.patch
 0001-lib-fix-paths.patch
 0002-etc-fix-paths.patch
+0017-mutt-protected-headers.patch

Attachment: signature.asc
Description: PGP signature

--- End Message ---

--- Begin Message ---

To: Georg Faerber <georg@debian.org>

Cc: 930882-done@bugs.debian.org

Subject: Re: Bug#930882: unblock: schleuder/3.4.0-2

From: Paul Gevers <elbrus@debian.org>

Date: Sat, 22 Jun 2019 19:56:59 +0200

Message-id: <a62f488a-fb01-d12f-f967-80dc5c7cb36d@debian.org>

In-reply-to: <[🔎] 20190622074243.GF1634@debian>

References: <[🔎] 20190621205414.GC1634@debian> <[🔎] d154cf3b-8faf-1c27-de76-93f22f25a7c7@debian.org> <[🔎] 20190621205414.GC1634@debian> <[🔎] 20190622071707.GD1634@debian> <[🔎] 20190621205414.GC1634@debian> <[🔎] 20190622072600.GE1634@debian> <[🔎] 20190622074243.GF1634@debian>
Hi Georg,

On 22-06-2019 09:42, Georg Faerber wrote:
> I'm not completely happy with this, but still, is this "good enough" for
> now?

I had a more careful look and the failing run was actually installing
schleuder 3.4.0-1 and test it with the testsuite of 3.4.0-2. That
obviously fails on the new test. Probably the test hit a mirror that was
slightly behind.

Paul
Attachment: signature.asc
Description: OpenPGP digital signature

--- End Message ---

Reply to:

References:
- Bug#930882: unblock: schleuder/3.4.0-2
  - From: Georg Faerber <georg@debian.org>

Prev by Date: Bug#930812: unblock: cargo/0.35.0-2
Next by Date: Bug#930727: marked as done (unblock: gatb-core/1.4.1+git20181225.44d5a44+dfsg-3)
Previous by thread: Bug#930882: unblock: schleuder/3.4.0-2
Next by thread: Processed: oops forgot moreinfo tag
Index(es):
- Date
- Thread