[Pkg-mailman-hackers] Re: Bug#244181: CAN-2004-0182: DoSsable through message with an empty subject field
Siggy Brentrup
bsb@debian.org
Mon, 19 Apr 2004 13:59:25 +0200
--WplhKdTI2c8ulnbP
Content-Type: multipart/mixed; boundary="+pHx0qQiF2pBVqBT"
Content-Disposition: inline
--+pHx0qQiF2pBVqBT
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Sat, Apr 17, 2004 at 11:27:43AM -0700, Matt Zimmerman wrote:
> On Sat, Apr 17, 2004 at 01:14:43PM +0200, J.H.M. Dassen (Ray) wrote:
>=20
> > On Sat, Apr 17, 2004 at 10:48:51 +0200, GCS wrote:
> > > Mea culpa, I was too fast on responding this. Isn't it a
> > > duplicate of #232079?
> >=20
> > I'm fairly sure it isn't.
>=20
> I believe it is.
Confirmed, nonetheless CAN-2004-0182 should be recorded in the changelog
when closing this non-bug (see attachment).
After removing an excess else part, that code sequence is identical to
upstream's 2.0.14.
If you choose not to upload -1woody9, please drop me a note that I can
close #244181 by other means.
Looking into the diff of upstream 2.0.14 against our 2.0.11:
- some 15 cgi.escape(s) calls are replaced by Utils.QuoteHyperChars(s)
which additionally escapes the double quote character; this may or
may not be security relevant.
- a possible exception when gethostbyaddr(gethostname()) fails during
message id generation is handled gracefully.
- a possible exception when generating digest footers is handled
gracefully.
- check_perms uses stat() instead of lstat() in one place.
- savannah is missing from contrib/
- we have some non-security fixes that didn't make their way into
upstream as they should have. (Given the sheer number of open sf
issues, I didn't take the time to check if they have been reported)
- Some external URLs in the documentation have changed.
Summarizing: 2.0.14 is mostly a bugfix release, no new features have
been introduced.
Being involved in splitting the oversized unstable mailman, I don't
want to put too much time into=20
Thanks
. Siggy
ps: Being involved in splitting the oversized unstable mailman, I
don't want to devote too much time to this issue.
--+pHx0qQiF2pBVqBT
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=mm-patch-1woody9
Content-Transfer-Encoding: quoted-printable
diff -urN mailman-2.0.11-woody/Mailman/MailCommandHandler.py mailman-2.0.11=
/Mailman/MailCommandHandler.py
--- mailman-2.0.11-woody/Mailman/MailCommandHandler.py 2004-04-19 09:36:18.=
000000000 +0200
+++ mailman-2.0.11/Mailman/MailCommandHandler.py 2004-04-19 10:37:14.000000=
000 +0200
@@ -161,8 +161,6 @@
if mo:
subject =3D mo.group('cmd')
splitsubj =3D string.split(subject)
- else:
- splitsubj =3D None
if (subject and splitsubj and
self.__dispatch.has_key(string.lower(splitsubj[0]))):
lines =3D [subject] + string.split(msg.body, '\n')
diff -urN mailman-2.0.11-woody/debian/changelog mailman-2.0.11/debian/chang=
elog
--- mailman-2.0.11-woody/debian/changelog 2004-04-19 09:36:18.000000000 +02=
00
+++ mailman-2.0.11/debian/changelog 2004-04-19 10:36:31.000000000 +0200
@@ -1,3 +1,12 @@
+mailman (2.0.11-1woody9) stable-security; urgency=3Dhigh
+
+ * Note that CAN-2004-0182 has already been dealt with when closing
+ #232079 (non-existing as well as empty subject headers are handled)
+ (Closes: #244181).
+ * Mailman/MailCommandHandler.py: removed excess else part.
+
+ -- Siggy Brentrup <bsb@debian.org> Mon, 19 Apr 2004 10:36:31 +0200
+
mailman (2.0.11-1woody8) stable-security; urgency=3Dhigh
=20
* Non-maintainer upload by the Security Team
--+pHx0qQiF2pBVqBT--
--WplhKdTI2c8ulnbP
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAg78d94B/SGO8KQcRAnAkAKCeADUUwElKxPOqDqjavsmeGD7b2QCfXndy
aRNLKMJVtcklwDw6+T5nMJs=
=8xd3
-----END PGP SIGNATURE-----
--WplhKdTI2c8ulnbP--