Your message dated Sat, 7 May 2005 11:00:42 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Bug#308007: leafnode security bug
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 7 May 2005 09:01:18 +0000
>From [EMAIL PROTECTED] Sat May 07 02:01:18 2005
Return-path: <[EMAIL PROTECTED]>
Received: from krusty.dt.e-technik.uni-dortmund.de
(mail.dt.e-technik.uni-dortmund.de) [129.217.163.1] (postfix)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DULBV-0001K3-00; Sat, 07 May 2005 02:01:17 -0700
Received: from localhost (localhost [127.0.0.1])
by mail.dt.e-technik.uni-dortmund.de (Postfix) with ESMTP id E811344011
for <[EMAIL PROTECTED]>; Sat, 7 May 2005 11:01:13 +0200 (CEST)
Received: from mail.dt.e-technik.uni-dortmund.de ([127.0.0.1])
by localhost (krusty [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
id 16024-05 for <[EMAIL PROTECTED]>;
Sat, 7 May 2005 11:01:11 +0200 (CEST)
Received: from m2a2.dyndns.org (p5091704C.dip.t-dialin.net [80.145.112.76])
by mail.dt.e-technik.uni-dortmund.de (Postfix) with ESMTP id 7C8E64400D
for <[EMAIL PROTECTED]>; Sat, 7 May 2005 11:01:11 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
by merlin.emma.line.org (Postfix) with ESMTP id 77F4877513
for <[EMAIL PROTECTED]>; Sat, 7 May 2005 11:01:10 +0200 (CEST)
Received: from m2a2.dyndns.org ([127.0.0.1])
by localhost (m2a2.dyndns.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 03977-12 for <[EMAIL PROTECTED]>;
Sat, 7 May 2005 11:01:09 +0200 (CEST)
Received: by merlin.emma.line.org (Postfix, from userid 500)
id 4660E7760F; Sat, 7 May 2005 11:01:09 +0200 (CEST)
Date: Sat, 7 May 2005 11:01:09 +0200
From: Matthias Andree <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: leafnode security bug
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
X-PGP-Key: http://home.pages.de/~mandree/keys/GPGKEY.asc
User-Agent: Mutt/1.5.9i
X-Virus-Scanned: amavisd-new at dt.e-technik.uni-dortmund.de
Content-Transfer-Encoding: quoted-printable
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: leafnode
Version: 1.11.1.rel-1
Severity: grave
Tags: security confirmed sarge patch fixed-upstream
Please backport 1.11.2.rel-1 from unstable to fix CAN-2005-1453,
two denial of service vulnerabilities that can crash fetchnews.
<http://leafnode.sourceforge.net/leafnode-SA-2005-01.txt>
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCAN-2005-1453>
Alternatively, try these two patches if a minimum solution is a
requirement during the freeze. I'd strongly urge to update to 1.11.2
though, asking for release engineer approval.
diff -u -r1.179 -r1.180
--- fetchnews.c 5 Apr 2005 20:09:45 -0000 1.179
+++ fetchnews.c 4 May 2005 09:05:33 -0000 1.180
@@ -1396,10 +1396,10 @@
(void)ftruncate(fileno(f), 0);
(void)fclose(f);
unlink(c);
- free(stufftoget);
ln_log(LNLOG_SWARNING, LNLOG_CARTICLE,
"warning: %s: %s: server disconnect or timeout after
BODY %lu",
current_server->name, g->name, stufftoget[i]);
+ free(stufftoget);
return 0;
}
if (sscanf(l, "%3ld", &n) !=3D 1 || (n / 10 !=3D 22)) {
@@ -1437,10 +1437,10 @@
if (l =3D=3D NULL) { /* article didn't terminate with a .: error */
(void)truncate(c, 0);
(void)unlink(c);
- free(stufftoget);
ln_log(LNLOG_SWARNING, LNLOG_CARTICLE,
"warning: %s: %s: server disconnect or timeout
retrieving article %lu=
",
current_server->name, g->name, stufftoget[i]);
+ free(stufftoget);
return 0;
}
}
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
diff -u -r1.181 -r1.182
--- fetchnews.c 4 May 2005 09:35:21 -0000 1.181
+++ fetchnews.c 4 May 2005 10:09:23 -0000 1.182
@@ -1206,7 +1206,10 @@
*
* SourceForge bug 873149, reported 2004-01-08 by Toni Viemer=F6,
* sourceforge user "skithund" */
- if (strcmp(l, ".") =3D=3D 0 && requested_body) {
+ if (l =3D=3D NULL) {
+ /* timeout - don't flush body */
+ requested_body =3D FALSE;
+ } else if (strcmp(l, ".") =3D=3D 0 && requested_body) {
ln_log(LNLOG_SNOTICE, LNLOG_CTOP, "%s: %s:%lu: article without blan=
k line after header, format violation",
current_server->name, g->name, stufftoget[i]);
requested_body =3D FALSE;
--=20
Matthias Andree
---------------------------------------
Received: (at 308007-done) by bugs.debian.org; 7 May 2005 10:00:43 +0000
>From [EMAIL PROTECTED] Sat May 07 03:00:43 2005
Return-path: <[EMAIL PROTECTED]>
Received: from kerouac.projectcolo.org.uk [80.71.3.114]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DUM71-000754-00; Sat, 07 May 2005 03:00:43 -0700
Received: from localhost (localhost [127.0.0.1])
by kerouac.projectcolo.org.uk (Postfix) with ESMTP id BDE9B79F69
for <[EMAIL PROTECTED]>; Sat, 7 May 2005 11:00:42 +0100 (BST)
Received: from kerouac.projectcolo.org.uk ([127.0.0.1])
by localhost (kerouac [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 17666-01 for <[EMAIL PROTECTED]>;
Sat, 7 May 2005 11:00:42 +0100 (BST)
Received: from lorien.sirena.org.uk
(82-41-27-6.cable.ubr04.edin.blueyonder.co.uk [82.41.27.6])
(using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits))
(No client certificate requested)
by kerouac.projectcolo.org.uk (Postfix) with ESMTP id 7701F79DDE
for <[EMAIL PROTECTED]>; Sat, 7 May 2005 11:00:42 +0100 (BST)
Received: from raphaela (raphaela.sirena.org.uk [192.168.56.10])
by lorien.sirena.org.uk (Postfix) with ESMTP id A40F42AD1C
for <[EMAIL PROTECTED]>; Sat, 7 May 2005 11:00:41 +0100 (BST)
Received: by raphaela (Postfix, from userid 1000)
id 8DF91C6D7C; Sat, 7 May 2005 11:00:42 +0100 (BST)
Date: Sat, 7 May 2005 11:00:42 +0100
From: Mark Brown <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Re: Bug#308007: leafnode security bug
Message-ID: <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <[EMAIL PROTECTED]>
X-Cookie: No shirt, no shoes, no service.
User-Agent: Mutt/1.5.9i
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at projectcolo.org.uk
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-5.0 required=4.0 tests=BAYES_01,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
On Sat, May 07, 2005 at 11:01:09AM +0200, Matthias Andree wrote:
> Alternatively, try these two patches if a minimum solution is a
> requirement during the freeze. I'd strongly urge to update to 1.11.2
> though, asking for release engineer approval.
1.11.2 will be propagated to sarge:
10:51 < vorlon> yeah, we'll go with it
--
"You grabbed my hand and we fell into it, like a daydream - or a fever."
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
