From owner-cvs-ports@FreeBSD.ORG Thu May 6 10:07:20 2004 Return-Path: Delivered-To: cvs-ports@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A433116A4CE; Thu, 6 May 2004 10:07:20 -0700 (PDT) Received: from fillmore.dyndns.org (port-212-202-49-130.reverse.qsc.de [212.202.49.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id BC53E43D31; Thu, 6 May 2004 10:07:05 -0700 (PDT) (envelope-from eikemeier@fillmore-labs.com) Received: from [172.16.0.2] (helo=fillmore-labs.com) by fillmore.dyndns.org with esmtp (Exim 4.33; FreeBSD) id 1BLmKt-0003MX-Eo; Thu, 06 May 2004 19:07:04 +0200 Message-ID: <409A70B6.20000@fillmore-labs.com> Date: Thu, 06 May 2004 19:07:02 +0200 From: Oliver Eikemeier Organization: Fillmore Labs GmbH - http://www.fillmore-labs.com/ MIME-Version: 1.0 To: "Jacques A. Vidrine" References: <200405061543.i46FhrL2015423@repoman.freebsd.org> <20040506160133.GB790@madman.celabo.org> <409A658A.30206@fillmore-labs.com> <20040506162842.GA1129@madman.celabo.org> In-Reply-To: <20040506162842.GA1129@madman.celabo.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit User-Agent: KMail/1.5.9 cc: cvs-ports@FreeBSD.org cc: cvs-all@FreeBSD.org cc: ports-committers@FreeBSD.org Subject: Re: cvs commit: ports/security/vuxml vuln.xml X-BeenThere: cvs-ports@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 May 2004 17:07:20 -0000 Jacques A. Vidrine wrote: > On Thu, May 06, 2004 at 06:19:22PM +0200, Oliver Eikemeier wrote: > >>Jacques A. Vidrine wrote: >> >> >>>On Thu, May 06, 2004 at 08:43:53AM -0700, Oliver Eikemeier wrote: >>> >>> >>>>eik 2004/05/06 08:43:53 PDT >>>> >>>>FreeBSD ports repository >>>> >>>>Modified files: >>>> security/vuxml vuln.xml >>>>Log: >>>>exim buffer overflow when verify = header_syntax is used >>>> >>>>Revision Changes Path >>>>1.90 +27 -0 ports/security/vuxml/vuln.xml >>> >>>Thanks! >>>Actually, there are two bugs: CAN-2004-0399 CAN-2004-0400 >>>Were both of these fixed? >> >>I guess I have no access to the preliminary information >>CAN-2004-0399 contains, so I can't tell. > > George's advisory included two bugs: > > CAN-2004-0399: exim buffer overflows with sender address/host name > when sender_verify is enabled > > CAN-2004-0400: exim buffer overflow with header name when > headers_check_syntax is enabled > > Maybe only one of them affected the version of exim we have? Neither do I know George. The advisory I refer to is I verified that what is called `bug2' affects FreeBSD when `verify = header_syntax' is used (which is not done in the default configuration file), `bug1' is mentioned as effecting exim 3.35, which is a stupid Debianism. Exim 3.36 is available since April 2002 in FreeBSD as mail/exim-old, is FORBIDDEN since September 2003 and has been removed from the ports tree March 2004. `verify = header_syntax' used to be `headers_check_syntax' in Exim 3.x, so obviously Georgi Guninski and the George writing the CVE list entries are Debian users. -Oliver