Bug 117796 - [security update] mail/perdition to 1.17.1
Summary: [security update] mail/perdition to 1.17.1
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
Importance: Normal Affects Only Me
Assignee: Beech Rintoul
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-11-03 21:20 UTC by thomas
Modified: 2007-11-06 11:10 UTC

See Also:


Attachments
file.diff (601 bytes, patch) - 2007-11-03 21:20 UTC, thomas
file.diff (354 bytes, patch) - 2007-11-03 21:20 UTC, thomas
file.diff (395 bytes, patch) - 2007-11-03 21:20 UTC, thomas
file.diff (1.01 KB, patch) - 2007-11-03 21:20 UTC, thomas
file.diff (382 bytes, patch) - 2007-11-03 21:20 UTC, thomas
file.diff (398 bytes, patch) - 2007-11-03 21:20 UTC, thomas
file.diff (380 bytes, patch) - 2007-11-03 21:20 UTC, thomas
file.diff (955 bytes, patch) - 2007-11-03 21:20 UTC, thomas

Description thomas 2007-11-03 21:20:00 UTC
Perdition IMAP is affected by a format string bug in one of its IMAP output-string formatting functions. The bug allows the execution of arbitrary code on the affected server. A successful exploit does not require prior authentication.

Vulnerable versions: Perdition <= 1.17

Fix: Update to 1.17.1

These files are diffs from the perdition src code and should go to ports/mail/perdition/files. These are NOT diffs against the old perdition/files/*

Please delete these patches in /files:
patch-perdition::db::daemon::Makefile.in (not necessary anymore)
patch-perdition::Makefile.in (replaced by new patch-perdition-Makefile.in)
patch-perdition-db-ldap-perditiondb_ldap (not necessary anymore)

diff -ruN  perdition.orig/Makefile perdition/Makefile
--- perdition.orig/Makefile	2007-08-10 15:49:44.000000000 +0200
+++ perdition/Makefile	2007-11-02 23:11:43.000000000 +0100
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	perdition
-PORTVERSION=	1.17
+PORTVERSION=	1.17.1
 CATEGORIES=	mail net security
 MASTER_SITES=	http://www.vergenet.net/linux/perdition/download/${PORTVERSION}/
 
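Review bot: the PORTVERSION bump in this hunk is not accompanied by a distinfo update; since MASTER_SITES is built from ${PORTVERSION}, the port will now fetch the 1.17.1 tarball but verify it against the 1.17 checksums and size still recorded in distinfo, so the fetch stage will fail until distinfo is regenerated (e.g. with `make makesum`) and committed alongside this change.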
@@ -31,7 +31,7 @@
 MAKE_ENV+=	DOCSDIR=${DOCSDIR}
 CONFIGURE_ARGS+=	--disable-daemon-map
 
-INSTALLS_SHLIB=	yes
+USE_LDCONFIG=	yes
 
 ##
 ## Available knobs:
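Review bot: the INSTALLS_SHLIB to USE_LDCONFIG change in this hunk is a ports-infrastructure rename unrelated to the format string fix; it is fine to carry it in the same update, but it deserves its own line in the commit log so that someone auditing the security update does not have to work out why the shared-library handling changed.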
@@ -122,7 +122,9 @@
 
 .if defined(WITH_OPENLDAP)
 USE_OPENLDAP=		YES
-CONFIGURE_ARGS+=	--enable-ldap --with-ldap-schema-directory=${LOCALBASE}/etc/openldap/schema/
+CONFIGURE_ARGS+=	--enable-ldap \
+			--with-ldap-schema-directory=${LOCALBASE}/etc/openldap/schema/ \
+			--disable-ldap-doc
 PLIST_SUB+=		OPENLDAP=""
 MAN8+=			perditiondb_ldap_makedb.8
 .else
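Review bot: adding `--disable-ldap-doc` to CONFIGURE_ARGS changes what the WITH_OPENLDAP build installs, so the OPENLDAP-conditioned entries in pkg-plist must be re-checked against an actual build with the knob set, otherwise `make check-plist` will flag orphaned or missing files; also confirm that the 1.17.1 configure script actually knows this option, because an autoconf configure accepts and silently ignores unrecognised `--disable-*` flags and the LDAP documentation would then still be installed.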
How-To-Repeat: Example: perl -e 'print "abc%n\x00\n"' | nc perdition.example.com 143
If you get NO error message, you are vulnerable.

More information: http://www.sec-consult.com/300.html
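The defect described above is the classic mistake of handing a client-supplied string to a printf-family function as the format argument. The fixed behaviour the How-To-Repeat check relies on is that a patched server treats the client's tag as data and simply echoes it back (here, inside a BAD response), so the following is an added illustration of that pattern, not Perdition's code: the tag and message text are always passed as `%s` arguments to a fixed format string, and the tag is validated against the RFC 3501 tag syntax, under which `%` is not a legal tag character in the first place. The function names, the 64-byte tag limit and the sample input lines are assumptions made for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* RFC 3501: tag = 1*<any ASTRING-CHAR except "+">, i.e. printable ASCII
 * without SP, CTL and the atom-specials ( ) { % * " \ plus '+'.
 * A tag such as "abc%n" is therefore rejected before it is ever echoed. */
bool imap_tag_is_valid(const char *tag)
{
    if (tag == NULL || *tag == '\0')
        return false;
    for (const unsigned char *p = (const unsigned char *)tag; *p; p++) {
        if (*p <= 0x20 || *p >= 0x7f)
            return false;               /* SP, CTL, DEL, non-ASCII */
        if (strchr("(){%*\"\\+", *p))
            return false;               /* atom-specials and '+' */
    }
    return true;
}

/* Build "<tag> BAD <text>\r\n".  The format string is a compile-time
 * constant; tag and text are only ever %s arguments, so any '%' they
 * contain is copied verbatim, never interpreted.  Returns the number of
 * bytes written (without the NUL), or -1 if the buffer is too small. */
int imap_bad_response(char *out, size_t outlen, const char *tag, const char *text)
{
    int n = snprintf(out, outlen, "%s BAD %s\r\n", tag, text);
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    return n;
}

/* Handle one client line (hypothetical helper): extract the tag up to the
 * first space; an invalid tag gets an untagged "* BAD", a valid one is
 * echoed back unchanged in front of the error text. */
int imap_reply_to_line(char *out, size_t outlen, const char *line)
{
    char tag[64];                       /* assumed tag length limit */
    size_t i = 0;
    while (line[i] != '\0' && line[i] != ' ' && i < sizeof tag - 1) {
        tag[i] = line[i];
        i++;
    }
    tag[i] = '\0';
    if (!imap_tag_is_valid(tag))
        return imap_bad_response(out, outlen, "*", "Invalid tag");
    return imap_bad_response(out, outlen, tag, "Command not recognized");
}

int main(void)
{
    char buf[128];
    /* constructed inputs: the probe line from the report, then a normal tag */
    imap_reply_to_line(buf, sizeof buf, "abc%n");
    fputs(buf, stdout);                 /* "* BAD Invalid tag" */
    imap_reply_to_line(buf, sizeof buf, "a001 FOO");
    fputs(buf, stdout);                 /* "a001 BAD Command not recognized" */
    return 0;
}
```

Compiling a server with `-Wformat-security` (gcc and clang) reports any call where a non-literal string is used as the format with no further arguments, which is exactly the shape of the bug this update fixes; that warning, plus the rule that the format argument is always a literal, is the check worth adding to a build rather than relying on probing the running daemon.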
Comment 1 thomas 2007-11-04 13:19:22 UTC
Hello

Arved told me how to make a correct diff. Please use this one:
http://www.bsdunix.ch/public/FreeBSD/ports/perdition/perdition.diff

Please delete these two patches in /files:
patch-perdition::db::daemon::Makefile.in (not necessary anymore)
patch-perdition-db-ldap-perditiondb_ldap (not necessary anymore)

Regards,
Thomas Vogt
Comment 2 Beech Rintoul freebsd_committer freebsd_triage 2007-11-05 05:18:15 UTC
Responsible Changed
From-To: freebsd-ports-bugs->beech

I'll take it.
Comment 3 dfilter service freebsd_committer freebsd_triage 2007-11-06 09:58:54 UTC
beech       2007-11-06 09:58:50 UTC

  FreeBSD ports repository

  Modified files:
    security/vuxml       vuln.xml 
  Log:
  - Add entry for mail/perdition
  
  PR:             ports/117796
  Approved by:    portmgr (pav), linimon (mentor)
  
  Revision  Changes    Path
  1.1465    +32 -1     ports/security/vuxml/vuln.xml
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 4 dfilter service freebsd_committer freebsd_triage 2007-11-06 11:08:22 UTC
beech       2007-11-06 11:08:18 UTC

  FreeBSD ports repository

  Modified files:
    mail/perdition       Makefile distinfo pkg-plist 
    mail/perdition/files patch-etc-Makefile.in 
                         patch-etc-perdition-Makefile.in 
                         patch-makebdb-Makefile.in 
                         patch-perdition-db-bdb-Makefile.in 
                         patch-perdition-db-posix_regex-Makefile.in 
  Removed files:
    mail/perdition/files patch-perdition-db-ldap-perditiondb_ldap 
                         patch-perdition::db::daemon::Makefile.in 
  Log:
  - Security update to 1.17.1
  
  PR:             ports/117796
  Submitted by:   Thomas Vogt <thomas@bsdunix.ch> (maintainer)
  Approved by:    portmgr (pav), linimon (mentor)
  Security:       http://www.sec-consult.com/300.html
  
  Revision  Changes    Path
  1.33      +5 -3      ports/mail/perdition/Makefile
  1.11      +3 -3      ports/mail/perdition/distinfo
  1.3       +11 -11    ports/mail/perdition/files/patch-etc-Makefile.in
  1.2       +20 -15    ports/mail/perdition/files/patch-etc-perdition-Makefile.in
  1.2       +8 -8      ports/mail/perdition/files/patch-makebdb-Makefile.in
  1.3       +7 -7      ports/mail/perdition/files/patch-perdition-db-bdb-Makefile.in
  1.2       +0 -18     ports/mail/perdition/files/patch-perdition-db-ldap-perditiondb_ldap (dead)
  1.3       +20 -15    ports/mail/perdition/files/patch-perdition-db-posix_regex-Makefile.in
  1.3       +0 -11     ports/mail/perdition/files/patch-perdition::db::daemon::Makefile.in (dead)
  1.8       +1 -0      ports/mail/perdition/pkg-plist
Comment 5 Beech Rintoul freebsd_committer freebsd_triage 2007-11-06 11:08:44 UTC
State Changed
From-To: open->closed

Committed, Thanks!