Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
Please unblock package getmail4
getmail used mboxo while claiming to use mboxrd. The use of mboxo
format causes irrecoverable data corruption as reported in #633799.
The upstream has accepted this bug report and released fixed version as
4.35.
I have made an updated Debian 4.32-3 package to address only #633799
by using the diff in the upstream source 4.34->4.35. This update has
been in good shape at the upstream for over 3 weeks. So it is time for
Debian to use it to fix data corruption.
(There were feature enhancement release as 4.33 and 4.34 which are not
included in this update).
unblock getmail4/4.32.0-2
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (10, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.6-trunk-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru getmail4-4.32.0/debian/changelog getmail4-4.32.0/debian/changelog
--- getmail4-4.32.0/debian/changelog 2012-07-12 01:00:56.000000000 +0900
+++ getmail4-4.32.0/debian/changelog 2012-11-16 20:33:24.000000000 +0900
@@ -1,3 +1,10 @@
+getmail4 (4.32.0-2) unstable; urgency=low
+
+ * Prevent mail data corruption by the mboxo format by applying
+ upstream 4.35 patch to use the mboxrd format. Closes: #633799
+
+ -- Osamu Aoki <os...@debian.org> Fri, 16 Nov 2012 20:31:42 +0900
+
getmail4 (4.32.0-1) unstable; urgency=low
* New upstream release.
diff -Nru getmail4-4.32.0/debian/patches/series
getmail4-4.32.0/debian/patches/series
--- getmail4-4.32.0/debian/patches/series 2012-07-12 00:43:53.000000000
+0900
+++ getmail4-4.32.0/debian/patches/series 2012-11-16 20:21:59.000000000
+0900
@@ -1,2 +1,3 @@
getmail_python-header.patch
getmail_python-modules.patch
+upstream.4.35.0.patch
diff -Nru getmail4-4.32.0/debian/patches/upstream.4.35.0.patch
getmail4-4.32.0/debian/patches/upstream.4.35.0.patch
--- getmail4-4.32.0/debian/patches/upstream.4.35.0.patch 1970-01-01
09:00:00.000000000 +0900
+++ getmail4-4.32.0/debian/patches/upstream.4.35.0.patch 2012-11-16
20:21:42.000000000 +0900
@@ -0,0 +1,85 @@
+Description: Upstream 4.35 patch to address data corruption
+ Note on mangle_from: the Python email.Generator class apparently only
+ quotes "From ", not ">From " (i.e. it uses mboxo format instead of
+ mboxrd). So we don't use its mangling, and do it by hand instead.
+Author: Charles Cazabon
+diff --git a/getmailcore/message.py b/getmailcore/message.py
+index 0137ba3..0e54ef8 100755
+--- a/getmailcore/message.py
++++ b/getmailcore/message.py
+@@ -10,6 +10,7 @@ __all__ = [
+ import os
+ import time
+ import cStringIO
++import re
+ import email
+ import email.Errors
+ import email.Utils
+@@ -29,6 +30,9 @@ message_attributes = (
+ 'recipient'
+ )
+
++RE_FROMLINE = re.compile(r'^(>*From )', re.MULTILINE)
++
++
+ #######################################
+ def corrupt_message(why, fromlines=None, fromstring=None):
+ log = getmailcore.logging.Logger()
+@@ -130,19 +134,25 @@ class Message(object):
+ it by writing out what we need, letting the generator write out the
+ message, splitting it into lines, and joining them with the platform
+ EOL.
++
++ Note on mangle_from: the Python email.Generator class apparently only
++ quotes "From ", not ">From " (i.e. it uses mboxo format instead of
++ mboxrd). So we don't use its mangling, and do it by hand instead.
+ '''
+- f = cStringIO.StringIO()
+ if include_from:
+- # This needs to be written out first, so we can't rely on the
+- # generator
+- f.write('From %s %s' % (mbox_from_escape(self.sender),
+- time.asctime()) + os.linesep)
++ # Mbox-style From line, not rfc822 From: header field.
++ fromline = 'From %s %s' % (mbox_from_escape(self.sender),
++ time.asctime()) + os.linesep
++ else:
++ fromline = ''
+ # Write the Return-Path: header
+- f.write(format_header('Return-Path', '<%s>' % self.sender))
++ rpline = format_header('Return-Path', '<%s>' % self.sender)
+ # Remove previous Return-Path: header fields.
+ del self.__msg['Return-Path']
+ if delivered_to:
+- f.write(format_header('Delivered-To', self.recipient or
'unknown'))
++ dtline = format_header('Delivered-To', self.recipient or
'unknown')
++ else:
++ dtline = ''
+ if received:
+ content = 'from %s by %s with %s' % (
+ self.received_from, self.received_by, self.received_with
+@@ -151,13 +161,20 @@ class Message(object):
+ content += ' for <%s>' % self.recipient
+ content += '; ' + time.strftime('%d %b %Y %H:%M:%S -0000',
+ time.gmtime())
+- f.write(format_header('Received', content))
+- gen = Generator(f, mangle_from, 0)
++ receivedline = format_header('Received', content)
++ else:
++ receivedline = ''
+ # From_ handled above, always tell the generator not to include it
+ try:
++ tmpf = cStringIO.StringIO()
++ gen = Generator(tmpf, False, 0)
+ gen.flatten(self.__msg, False)
+- f.seek(0)
+- return os.linesep.join(f.read().splitlines() + [''])
++ strmsg = tmpf.getvalue()
++ if mangle_from:
++ # do mboxrd-style "From " line quoting
++ strmsg = RE_FROMLINE.sub(r'>\1', strmsg)
++ return (fromline + rpline + dtline + receivedline
++ + os.linesep.join(strmsg.splitlines() + ['']))
+ except TypeError, o:
+ # email module chokes on some badly-misformatted messages, even
+ # late during flatten(). Hope this is fixed in Python 2.4.
