[Savannah-hackers] [Philip Hazel] [Exim-Announce] Minor security bug


From: Paul Fisher
Subject: [Savannah-hackers] [Philip Hazel] [Exim-Announce] Minor security bug
Date: Thu, 14 Aug 2003 13:05:15 -0400
User-agent: Gnus/5.090019 (Oort Gnus v0.19) Emacs/21.1.80 (gnu/linux)

Please update Exim on savannah ASAP with the included patch for Exim
4.20. Mathieu installed the original version of Exim 4.20, but I'm
unable to find the Debian source build package on savannah.  The exim
package is set to a status of hold, and it's obviously a custom
install.

If you'd like for me to install the standard Exim 4 Debian packages
that we use on the rest of the GNU systems, I can do this.  With any
luck, it won't break the exim setup on savannah.

If I don't hear back by 5PM Eastern, I'll install the Exim 4 packages
that I have.

Please also do not upgrade to Exim 4.21, which has a number of bugs --
Exim 4.22 will be released next week.


--- Begin Message ---
Subject: [Exim-Announce] Minor security bug
Date: Thu, 14 Aug 2003 09:31:54 +0100 (BST)

A minor security problem has been found in Exim 3 and 4 (many thanks to
Nick Cleaton). The bug is not thought to be exploitable, but one can
never be absolutely certain.

The bug is fixed in Exim 4.21, which I have just released. Patches for
Exim 4.20 and Exim 3.36 are below. For other releases, these patches may
also work, or can be trivially adapted if the patch program has problems
with the line numbers. The actual code in question has hardly changed
for many years.

Philip

-- 
Philip Hazel            University of Cambridge Computing Service,
address@hidden      Cambridge, England. Phone: +44 1223 334714.



----------------- Patch for Exim 4.20 -----------------

*** exim-4.20/src/smtp_in.c Mon May 12 14:39:22 2003
--- smtp_in.c    Wed Aug 13 14:26:01 2003
***************
*** 1967,1978 ****

      if (!check_helo(smtp_data))
        {
-       uschar *s;
        smtp_printf("501 Syntactically invalid %s argument(s)\r\n", hello);
-       if (*smtp_data == 0) Ustrcpy(smtp_data, "(no argument given)");
-       s = string_printing(smtp_data);
        log_write(0, LOG_MAIN|LOG_REJECT, "rejected %s from %s: syntactically "
!         "invalid argument(s): %s", hello, host_and_ident(FALSE), s);
        break;
        }

--- 1967,1977 ----

      if (!check_helo(smtp_data))
        {
        smtp_printf("501 Syntactically invalid %s argument(s)\r\n", hello);
        log_write(0, LOG_MAIN|LOG_REJECT, "rejected %s from %s: syntactically "
!         "invalid argument(s): %s", hello, host_and_ident(FALSE),
!         (*smtp_data == 0)? US"(no argument given)" :
!                            string_printing(smtp_data));
        break;
        }
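
Review bot: In the new log_write() call, nothing records why the "(no argument given)" literal is now chosen inline instead of being copied into smtp_data, as the removed Ustrcpy() line did. That copy wrote 20 bytes (19 characters plus the terminator) into a buffer whose size is not visible in this hunk, so a later tidy-up could reintroduce it without anyone noticing. Suggest a one-line comment above the call saying that smtp_data must not be written to on this path, and a check of any other place in smtp_in.c that copies a fixed string into smtp_data.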

----------------------------------------------------------------



----------------- Patch for Exim 3.36 -----------------


*** exim-3.36/src/smtp_in.c Thu Apr  4 13:56:20 2002
--- smtp_in.c   Thu Aug 14 09:09:33 2003
***************
*** 2021,2033 ****

      if (!check_helo(smtp_data))
        {
!       char *s;
!       smtp_printf("501 syntactically invalid %s argument(s)\r\n", hello);
!       if (*smtp_data == 0) strcpy(smtp_data, "(no argument given)");
!       s = string_printing(smtp_data);
        log_write(0, LOG_MAIN|LOG_REJECT, "rejected %s from %s: syntactically "
          "invalid argument(s): %s", hello,
!         (sender_fullhost == NULL)? "local process" : sender_fullhost, s);
        break;
        }

--- 2021,2032 ----

      if (!check_helo(smtp_data))
        {
!       smtp_printf("501 Syntactically invalid %s argument(s)\r\n", hello);
        log_write(0, LOG_MAIN|LOG_REJECT, "rejected %s from %s: syntactically "
          "invalid argument(s): %s", hello,
!         (sender_fullhost == NULL)? "local process" : sender_fullhost,
!         (*smtp_data == 0)? "(no argument given)" :
!                            string_printing(smtp_data));
        break;
        }
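
Review bot: The changed smtp_printf() line also alters the reply text from "501 syntactically invalid" to "501 Syntactically invalid", which has nothing to do with removing the strcpy() into smtp_data. Since the announcement expects this patch to be adapted to other releases, keeping it to the security fix alone would make it easier to apply and to audit; suggest dropping the capitalisation change from this hunk or mentioning it explicitly in the announcement. The same one-line comment about not writing to smtp_data on this path would help here as well.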

----------------------------------------------------------------




--
## List details at http://www.exim.org/mailman/listinfo/exim-announce Exim details at http://www.exim.org/ ##

--- End Message ---
