Two weeks ago nectar committed patch-smtpserver::smtpcmds.c to this port. Commitlog says it should fix a potential remote buffer overflow.

nectar probably grabbed this patch from Bugtraq and committed it without testing.

Problem: The Patch is against 2.99.55. The FreeBSD port is at version 2.99.51. So the patch did not apply.

Version 2.99.51 doesn't contain the piece of buggy code, the patch wants to fix.

Fix:
Easy fix: Remove patch-smtpserver::smtpcmds.c from Repository
Difficult Fix: Update the port to the latest version, so that the patch applies.

How-To-Repeat:
take a look at bento's errorlog

On Sun, Sep 08, 2002 at 11:09:35PM +0200, Tilman Linneweh wrote:
> >Description:
>
> Two weeks ago nectar committed patch-smtpserver::smtpcmds.c to
> this port. Commitlog says it should fix a potential remote
> buffer overflow.
>
> nectar probably grabbed this patch from Bugtraq and committed
> it without testing.

No, I derived the (trivial) fix myself and tested it. The problem is
simply that I generated the patch reversed ... thanks for catching!
I've fixed it now.

> Problem: The Patch is against 2.99.55. The FreeBSD port is at
> version 2.99.51. So the patch did not apply.
>
> Version 2.99.51 doesn't contain the piece of buggy code, the
> patch wants to fix.

Maybe you are thinking of some other issue? The issue I fixed was
found in 2.99.51 by 3APA3A and was not reported to bugtraq at the time
that I was notified.

Cheers,
--
Jacques A. Vidrine <nectar@celabo.org> http://www.celabo.org/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se

* "Jacques A. Vidrine" <nectar@FreeBSD.org> [Sun, 8 Sep 2002 19:04:53 -0500]:
> > Two weeks ago nectar committed patch-smtpserver::smtpcmds.c to
> > this port. Commitlog says it should fix a potential remote
> > buffer overflow.
> >
> > nectar probably grabbed this patch from Bugtraq and committed
> > it without testing.
>
> No, I derived the (trivial) fix myself and tested it. The problem is
> simply that I generated the patch reversed ... thanks for catching!
> I've fixed it now.

Thanks.

> > Problem: The Patch is against 2.99.55. The FreeBSD port is at
> > version 2.99.51. So the patch did not apply.
> >
> > Version 2.99.51 doesn't contain the piece of buggy code, the
> > patch wants to fix.
>
> Maybe you are thinking of some other issue? The issue I fixed was
> found in 2.99.51 by 3APA3A and was not reported to bugtraq at the time
> that I was notified.

No, I was just guessing too much, I don't have two weeks archive of
Bugtraq in my brain :)

regards
arved

State Changed
From-To: open->closed

patch was reversed. this has been fixed.