Debian Bug report logs - #348747
fetchmail: segfault when submitting dsn to local postmaster

version graph

Package: fetchmail; Maintainer for fetchmail is Fetchmail Maintainers <pkg-fetchmail-maint@lists.alioth.debian.org>; Source for fetchmail is src:fetchmail.

Reported by: "Nathaniel W. Turner" <nate@houseofnate.net>

Date: Wed, 18 Jan 2006 19:48:12 UTC

Severity: important

Tags: confirmed, fixed-upstream, patch, security, upstream

Found in version fetchmail/6.3.1-4

Fixed in version fetchmail/6.3.2-1

Done: Hector Garcia <hector@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Fetchmail Maintainers <pkg-fetchmail-maint@lists.alioth.debian.org>:
Bug#348747; Package fetchmail. Full text and rfc822 format available.

Acknowledgement sent to "Nathaniel W. Turner" <nate@houseofnate.net>:
New Bug report received and forwarded. Copy sent to Fetchmail Maintainers <pkg-fetchmail-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: "Nathaniel W. Turner" <nate@houseofnate.net>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: fetchmail: segfault when submitting dsn to local postmaster
Date: Wed, 18 Jan 2006 14:29:18 -0500
[Message part 1 (text/plain, inline)]
Package: fetchmail
Version: 6.3.1-4
Severity: important

After upgrading to 6.3.1-4, fetchmail dies with a segmentation fault
after trying to process the first message.  The transcript of the
session, a sanitized fetchmailrc, and the message in question are
attached to this report.

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-k7
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages fetchmail depends on:
ii  adduser                       3.80       Add and remove users and groups
ii  debianutils                   2.15.1     Miscellaneous utilities specific t
ii  gettext                       0.14.5-2   GNU Internationalization utilities
ii  libc6                         2.3.5-8.1  GNU C Library: Shared libraries an
ii  libssl0.9.8                   0.9.8a-5   SSL shared libraries

Versions of packages fetchmail recommends:
ii  ca-certificates               20050804   Common CA Certificates PEM files

-- no debconf information
[fetchmailrc (text/plain, attachment)]
[transcript-1 (text/x-mail, attachment)]
[message.gz (application/octet-stream, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Fetchmail Maintainers <pkg-fetchmail-maint@lists.alioth.debian.org>:
Bug#348747; Package fetchmail. Full text and rfc822 format available.

Acknowledgement sent to Nico Golde <nico@ngolde.de>:
Extra info received and forwarded to list. Copy sent to Fetchmail Maintainers <pkg-fetchmail-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #10 received at 348747@bugs.debian.org (full text, mbox):

From: Nico Golde <nico@ngolde.de>
To: "Nathaniel W. Turner" <nate@houseofnate.net>, 348747@bugs.debian.org
Cc: control@bugs.debian.org
Subject: Re: [pkg-fetchmail-maint] Bug#348747: fetchmail: segfault when submitting dsn to local postmaster
Date: Wed, 18 Jan 2006 21:10:46 +0100
[Message part 1 (text/plain, inline)]
tags 348747 + upstream
Hi,
* Nathaniel W. Turner <nate@houseofnate.net> [2006-01-18 21:03]:
> Package: fetchmail
> Version: 6.3.1-4
> Severity: important
> 
> After upgrading to 6.3.1-4, fetchmail dies with a segmentation fault
> after trying to process the first message.  The transcript of the
> session, a sanitized fetchmailrc, and the message in question are
> attached to this report.

[...] 
thanks forwarded upstream.
regards nico
-- 
Nico Golde - JAB: nion@jabber.ccc.de | GPG: 0x73647CFF
http://www.ngolde.de | http://www.muttng.org | http://grml.org
Forget about that mouse with 3/4/5 buttons -
gimme a keyboard with 103/104/105 keys!
[Message part 2 (application/pgp-signature, inline)]

Tags added: upstream Request was from Nico Golde <nico@ngolde.de> to control@bugs.debian.org. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Fetchmail Maintainers <pkg-fetchmail-maint@lists.alioth.debian.org>:
Bug#348747; Package fetchmail. Full text and rfc822 format available.

Acknowledgement sent to "Nathaniel W. Turner" <nate@houseofnate.net>:
Extra info received and forwarded to list. Copy sent to Fetchmail Maintainers <pkg-fetchmail-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #17 received at 348747@bugs.debian.org (full text, mbox):

From: "Nathaniel W. Turner" <nate@houseofnate.net>
To: 348747@bugs.debian.org
Subject: Re: fetchmail: segfault when submitting dsn to local postmaster
Date: Wed, 18 Jan 2006 15:12:47 -0500
I should add that downgrading to fetchmail 6.2.5.4-1 makes the problem
go away.




Information forwarded to debian-bugs-dist@lists.debian.org, Fetchmail Maintainers <pkg-fetchmail-maint@lists.alioth.debian.org>:
Bug#348747; Package fetchmail. Full text and rfc822 format available.

Acknowledgement sent to Matthias Andree <matthias.andree@gmx.de>:
Extra info received and forwarded to list. Copy sent to Fetchmail Maintainers <pkg-fetchmail-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #22 received at 348747@bugs.debian.org (full text, mbox):

From: Matthias Andree <matthias.andree@gmx.de>
To: "Nathaniel W. Turner" <nate@houseofnate.net>
Cc: 348747@bugs.debian.org
Subject: Re: Bug#348747: fetchmail: segfault when submitting dsn to local postmaster
Date: Thu, 19 Jan 2006 03:33:27 +0100
[Message part 1 (text/plain, inline)]
"Nathaniel W. Turner" <nate@houseofnate.net> writes:

> After upgrading to 6.3.1-4, fetchmail dies with a segmentation fault
> after trying to process the first message.  The transcript of the
> session, a sanitized fetchmailrc, and the message in question are
> attached to this report.

Thank you for the bug report. It turns out the closer circumstances of
the bounce wouldn't matter; valgrind quickly pinpointed the bug to a
bogus free() call.

I broke this when I removed alloca() and added the necessary free()
code. My code tried to decrement a pointer address before dereferencing,
rather than decrementing the dereferenced pointer; this resulted in
frequent segfaults on machines that support unaligned access and bus
errors on those that don't (SPARC). Turns out the fix is rather simple.

(Attached.)

Note the patch has had little testing (it fixes the immediate valgrind
problem and looks less stupid). Please test and report.

Kind regards,

-- 
Matthias Andree
[bug348747.patch (text/x-patch, attachment)]

Severity set to `grave'. Request was from matthias.andree@gmx.de (Matthias Andree) to control@bugs.debian.org. Full text and rfc822 format available.

Tags added: confirmed, patch, fixed-upstream, security Request was from matthias.andree@gmx.de (Matthias Andree) to control@bugs.debian.org. Full text and rfc822 format available.

Severity set to `important'. Request was from matthias.andree@gmx.de (Matthias Andree) to control@bugs.debian.org. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Fetchmail Maintainers <pkg-fetchmail-maint@lists.alioth.debian.org>:
Bug#348747; Package fetchmail. Full text and rfc822 format available.

Acknowledgement sent to Matthias Andree <matthias.andree@gmx.de>:
Extra info received and forwarded to list. Copy sent to Fetchmail Maintainers <pkg-fetchmail-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #33 received at 348747@bugs.debian.org (full text, mbox):

From: Matthias Andree <matthias.andree@gmx.de>
To: Matthias Andree <matthias.andree@gmx.de>
Cc: 348747@bugs.debian.org, "Nathaniel W. Turner" <nate@houseofnate.net>
Subject: Re: [pkg-fetchmail-maint] Bug#348747: fetchmail: segfault when submitting dsn to local postmaster
Date: Thu, 19 Jan 2006 03:59:09 +0100
[Message part 1 (text/plain, inline)]
Turns out we need a 2nd patch to fix a 2nd occurrence of this bug.
This patch goes on top of the previous.

-- 
Matthias Andree
[bug348747-incr2.patch (text/x-patch, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Fetchmail Maintainers <pkg-fetchmail-maint@lists.alioth.debian.org>:
Bug#348747; Package fetchmail. Full text and rfc822 format available.

Acknowledgement sent to "Nathaniel W. Turner" <nate@houseofnate.net>:
Extra info received and forwarded to list. Copy sent to Fetchmail Maintainers <pkg-fetchmail-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #38 received at 348747@bugs.debian.org (full text, mbox):

From: "Nathaniel W. Turner" <nate@houseofnate.net>
To: Matthias Andree <matthias.andree@gmx.de>
Cc: 348747@bugs.debian.org
Subject: Re: [pkg-fetchmail-maint] Bug#348747: fetchmail: segfault when submitting dsn to local postmaster
Date: Thu, 19 Jan 2006 11:27:09 -0500
On Wednesday 18 January 2006 9:59 pm, Matthias Andree wrote:
> Turns out we need a 2nd patch to fix a 2nd occurrence of this bug.
> This patch goes on top of the previous.

Thank you for the quick response.  Your patches do indeed fix the problem I 
was seeing.

Cheers,
nate

-- 
Nathaniel W. Turner
http://houseofnate.net/



Information forwarded to debian-bugs-dist@lists.debian.org, Fetchmail Maintainers <pkg-fetchmail-maint@lists.alioth.debian.org>:
Bug#348747; Package fetchmail. Full text and rfc822 format available.

Acknowledgement sent to matthias.andree@gmx.de (Matthias Andree):
Extra info received and forwarded to list. Copy sent to Fetchmail Maintainers <pkg-fetchmail-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #43 received at 348747@bugs.debian.org (full text, mbox):

From: matthias.andree@gmx.de (Matthias Andree)
To: 348747@bugs.debian.org
Subject: CVE ID for this bug
Date: Fri, 20 Jan 2006 00:58:27 +0100
This bug is tracked by MITRE's CVE database as
CVE-2006-0321.



Tags added: pending Request was from Nico Golde <nico@ngolde.de> to control@bugs.debian.org. Full text and rfc822 format available.

Merged 348747 349580. Request was from matthias.andree@gmx.de (Matthias Andree) to control@bugs.debian.org. Full text and rfc822 format available.

Disconnected #349580 from all other report(s). Request was from Matthias Andree <matthias.andree@gmx.de> to control@bugs.debian.org. Full text and rfc822 format available.

Reply sent to Hector Garcia <hector@debian.org>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to "Nathaniel W. Turner" <nate@houseofnate.net>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #54 received at 348747-close@bugs.debian.org (full text, mbox):

From: Hector Garcia <hector@debian.org>
To: 348747-close@bugs.debian.org
Subject: Bug#348747: fixed in fetchmail 6.3.2-1
Date: Tue, 24 Jan 2006 08:17:07 -0800
Source: fetchmail
Source-Version: 6.3.2-1

We believe that the bug you reported is fixed in the latest version of
fetchmail, which is due to be installed in the Debian FTP archive:

fetchmail_6.3.2-1.diff.gz
  to pool/main/f/fetchmail/fetchmail_6.3.2-1.diff.gz
fetchmail_6.3.2-1.dsc
  to pool/main/f/fetchmail/fetchmail_6.3.2-1.dsc
fetchmail_6.3.2-1_i386.deb
  to pool/main/f/fetchmail/fetchmail_6.3.2-1_i386.deb
fetchmail_6.3.2.orig.tar.gz
  to pool/main/f/fetchmail/fetchmail_6.3.2.orig.tar.gz
fetchmailconf_6.3.2-1_all.deb
  to pool/main/f/fetchmail/fetchmailconf_6.3.2-1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 348747@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Hector Garcia <hector@debian.org> (supplier of updated fetchmail package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 24 Jan 2006 16:46:51 +0100
Source: fetchmail
Binary: fetchmailconf fetchmail
Architecture: source i386 all
Version: 6.3.2-1
Distribution: unstable
Urgency: low
Maintainer: Fetchmail Maintainers <pkg-fetchmail-maint@lists.alioth.debian.org>
Changed-By: Hector Garcia <hector@debian.org>
Description: 
 fetchmail  - SSL enabled POP3, APOP, IMAP mail gatherer/forwarder
 fetchmailconf - fetchmail configurator
Closes: 344978 348747 348855 348964
Changes: 
 fetchmail (6.3.2-1) unstable; urgency=low
 .
   [ Nico Golde ]
   * New upstream release
     - Security fix of CVE-2006-0321 (Closes: #348747).
     - Fix help for poll interval and fetchall in
       fetchmailconf (Closes: #344978).
     - Don't complain about READ-ONLY IMAP folders in
        --fetchall --keep mode (Closes: #348964).
   * Removed 01_man_page.dpatch file upstream included it.
   * Fixed watch file to match on bz2 files.
 .
   [ Hector Garcia ]
   * Changed usermod --home to -d to prevent failure on old versions of passwd.
     (Closes: #348855)
Files: 
 7b8a6b200972e5a3aaf27b173160bb2e 748 mail optional fetchmail_6.3.2-1.dsc
 a661735496077232acedb82a901fa499 1522264 mail optional fetchmail_6.3.2.orig.tar.gz
 0f9e831329be857d4f4c13240500d817 168965 mail optional fetchmail_6.3.2-1.diff.gz
 91be87717a0ca11e330a75803e8c56b3 113918 mail optional fetchmailconf_6.3.2-1_all.deb
 2782505c75a20a2620fe1a0d54779a38 560632 mail optional fetchmail_6.3.2-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFD1k7fMwsDi2xjdG0RApWJAKDOkIFQaDVq/WkY+eFYtoUV/0F+9wCfbrnv
9bVUp9Yz4fS8FxoVVijQDSg=
=E9WA
-----END PGP SIGNATURE-----




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 25 Jun 2007 12:06:32 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 24 02:16:19 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.