bug#1720: marked as done (mutt-1.5.4i: none)
Your message dated Sun, 4 Jan 2004 11:41:38 +0100
with message-id <20040104104138.GI9799@xxxxxxxxxxxxxxxxxxxxxxxxxx>
and subject line (no subject)
has caused the attached bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Herr der Kaefer
(administrator, GUUG bugs database)
--------------------------------------
Received: (at submit) by bugs.guug.de; 30 Nov 2003 09:57:10 +0000
>From freak88@xxxxxxxxxxxxxxxx Sun Nov 30 10:57:08 2003
Received: from cs6669128-25.houston.rr.com
([66.69.128.25] helo=krappie.brain.cx ident=mail)
by trithemius.gnupg.org with esmtp (Exim 3.35 #1 (Debian))
id 1AQOKB-00065n-00
for <submit@xxxxxxxxxxxx>; Sun, 30 Nov 2003 10:57:08 +0100
Received: from freak88 by krappie.brain.cx with local (Exim 3.36 #1 (Debian))
id 1AQOMm-0003UE-00
for <submit@xxxxxxxxxxxx>; Sun, 30 Nov 2003 03:59:48 -0600
From: krappie@xxxxxxxx
Subject: mutt-1.5.4i: none
To: submit@xxxxxxxxxxxx
Message-Id: <E1AQOMm-0003UE-00@xxxxxxxxxxxxxxxx>
Sender: <freak88@xxxxxxxxxxxxxxxx>
Date: Sun, 30 Nov 2003 03:59:48 -0600
X-Spam-Status: No, hits=-3.3 required=5.0
tests=BAYES_01,NO_REAL_NAME,UPPERCASE_25_50
version=2.55
X-Spam-Level:
X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp)
Package: mutt
Version: 1.5.4+20031024
Severity: critical
-- Please type your report below this line
Buffer OverFlow is posible when it has allready been ran as root via an email
capable of leading to a full system compromize
a non serius issue also exist`s when a large buffer is sent to it`s command line
-- System Information
System Version: Linux krappie.brain.cx 2.6.0-test4-1-386 #5 Thu Sep 4 21:30:10
EST 2003 i686 GNU/Linux
-- Build environment information
(Note: This is the build environment installed on the system
muttbug is run on. Information may or may not match the environment
used to build mutt.)
- gcc version information
cc
Reading specs from /usr/lib/gcc-lib/i486-linux/3.3.2/specs
Configured with: ../src/configure -v
--enable-languages=c,c++,java,f77,pascal,objc,ada,treelang --prefix=/usr
--mandir=/usr/share/man --infodir=/usr/share/info
--with-gxx-include-dir=/usr/include/c++/3.3 --enable-shared --with-system-zlib
--enable-nls --without-included-gettext --enable-__cxa_atexit
--enable-clocale=gnu --enable-debug --enable-java-gc=boehm
--enable-java-awt=xlib --enable-objc-gc i486-linux
Thread model: posix
gcc version 3.3.2 (Debian)
- CFLAGS
-Wall -pedantic -g -O2
-- Mutt Version Information
Mutt 1.5.4i (2003-03-19)
Copyright (C) 1996-2002 Michael R. Elkins and others.
Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'.
Mutt is free software, and you are welcome to redistribute it
under certain conditions; type `mutt -vv' for details.
System: Linux 2.6.0-test4-1-386 (i686) [using ncurses 5.3] [using libidn 0.1.14
(compiled with 0.1.14)]
Compile options:
-DOMAIN
-DEBUG
-HOMESPOOL +USE_SETGID +USE_DOTLOCK +DL_STANDALONE
+USE_FCNTL -USE_FLOCK
+USE_POP +USE_IMAP +IMAP_EDIT_THREADS -USE_GSS -USE_SSL +USE_GNUTLS
+USE_SASL +USE_SASL2
+HAVE_REGCOMP -USE_GNU_REGEX
+HAVE_COLOR +HAVE_START_COLOR +HAVE_TYPEAHEAD +HAVE_BKGDSET
+HAVE_CURS_SET +HAVE_META +HAVE_RESIZETERM
+CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME -CRYPT_BACKEND_GPGME
-BUFFY_SIZE -EXACT_ADDRESS -SUN_ATTACHMENT
+ENABLE_NLS -LOCALES_HACK +COMPRESSED +HAVE_WC_FUNCS +HAVE_LANGINFO_CODESET
+HAVE_LANGINFO_YESEXPR
+HAVE_ICONV -ICONV_NONTRANS +HAVE_LIBIDN +HAVE_GETSID +HAVE_GETADDRINFO
ISPELL="/usr/bin/ispell"
SENDMAIL="/usr/sbin/sendmail"
MAILPATH="/var/mail"
PKGDATADIR="/usr/share/mutt"
SYSCONFDIR="/etc"
EXECSHELL="/bin/sh"
MIXMASTER="mixmaster"
To contact the developers, please mail to <mutt-dev@xxxxxxxx>.
To report a bug, please use the flea(1) utility.
patch-1.5.4.vk.pgp_verbose_mime
patch-1.5.3.rr.compressed.1
patch-1.5.4.helmersson.incomplete_multibyte
patch-1.5.4.fw.maildir_inode_sort
patch-1.3.23.1.ametzler.pgp_good_sign
patch-1.5.3.Md.gpg_status_fd
patch-1.4.Md.gpg-agent
patch-1.5.3.Md.etc_mailname_gethostbyname
patch-1.5.1.cd.edit_threads.9.2
patch-1.3.27.bse.xtitles.1
Md.use_debian_editor
Md.muttbug
patch-1.4.admcd.gnutlsdlopen.53d
patch-1.4.admcd.gnutlsbuild.53d
patch-1.4.admcd.gnutls.56d
---------------------------------------
Received: (at 1720-done) by bugs.guug.de; 4 Jan 2004 10:39:02 +0000
>From roessler+bounce@xxxxxxxxxxxxxxxxxx Sun Jan 04 11:39:00 2004
Received: from does-not-exist.info ([217.160.221.198]
helo=kamino.does-not-exist.org)
by trithemius.gnupg.org with esmtp (Exim 3.35 #1 (Debian))
id 1Ad5eu-0005cf-00
for <1720-done@xxxxxxxxxxxx>; Sun, 04 Jan 2004 11:39:00 +0100
Received: from voyager.does-not-exist.org (p3E9B9DFA.dip0.t-ipconnect.de
[62.155.157.250])
(using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits))
(No client certificate requested)
by kamino.does-not-exist.org (Postfix) with ESMTP
id 146593140D5; Sun, 4 Jan 2004 11:41:41 +0100 (CET)
Received: by voyager.does-not-exist.org (Postfix, from userid 500)
id 52CCE8076; Sun, 4 Jan 2004 11:41:38 +0100 (CET)
Date: Sun, 4 Jan 2004 11:41:38 +0100
From: Thomas Roessler <roessler@xxxxxxxxxxxxxxxxxx>
To: 1720-done@xxxxxxxxxxxx
Message-ID: <20040104104138.GI9799@xxxxxxxxxxxxxxxxxxxxxxxxxx>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.5.1i
X-Spam-Status: No, hits=-108.4 required=4.0
tests=AWL,BAYES_01,USER_AGENT_MUTT,USER_IN_WHITELIST
autolearn=ham version=2.55
X-Spam-Level:
X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp)
Submitter unreachable; bug report lacks any kind of information on
where the error might be or how to reproduce it. Closing this bug
report.
--
Thomas Roessler <roessler@xxxxxxxxxxxxxxxxxx>