Date:      Wed, 19 Nov 2003 09:26:31 +0100 (CET)
From:      Jan-Peter Koopmann <j.koopmann@seceidos.de>
To:        FreeBSD-gnats-submit@FreeBSD.org
Cc:        kuriyama@FreeBSD.org
Subject:   ports/59457: [PATCH] mail/p5-MIME-Tools: applied additional security patches
Message-ID:  <200311190826.hAJ8QV0n071571@services.intern.seceidos.de>
Resent-Message-ID: <200311190830.hAJ8UIhn084735@freefall.freebsd.org>


>Number:         59457
>Category:       ports
>Synopsis:       [PATCH] mail/p5-MIME-Tools: applied additional security patches
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Wed Nov 19 00:30:18 PST 2003
>Closed-Date:
>Last-Modified:
>Originator:     Jan-Peter Koopmann
>Release:        FreeBSD 4.8-STABLE i386
>Organization:
>Environment:
System: FreeBSD services.intern.seceidos.de 4.8-STABLE FreeBSD 4.8-STABLE #0: Mon Aug  4 11:45:56 CEST
>Description:

I added some security patches to MIME-Tools. The patches I installed can be found here:

http://www.sng.ecs.soton.ac.uk/mailscanner/install/mime-tools-patch.txt
http://www.sng.ecs.soton.ac.uk/mailscanner/install/mime-tools-patch2.txt
http://www.sng.ecs.soton.ac.uk/mailscanner/install/mime-tools-patch3.txt
http://www.sng.ecs.soton.ac.uk/mailscanner/install/mime-tools-patch4.txt

Apparently mime-tools-patch.txt was already applied by kuriyama, but the
others have not been. I mailed kuriyama but did not get a reply, which is why I
chose to patch it myself and submit this request. Without these patches
the original CPAN version has some rather severe security problems.
This was particularly scary since MailScanner uses p5-MIME-Tools and
people needed to patch some libs after installing this port.

Port maintainer (kuriyama@FreeBSD.org) is cc'd.

Generated with FreeBSD Port Tools 0.50
>How-To-Repeat:
>Fix:

--- p5-MIME-Tools-5.411a_3,1.patch begins here ---
diff -ruN --exclude=CVS /server-root/ports/mail/p5-MIME-Tools.orig/Makefile /server-root/ports/mail/p5-MIME-Tools/Makefile
--- /server-root/ports/mail/p5-MIME-Tools.orig/Makefile	Tue Oct 28 01:55:24 2003
+++ /server-root/ports/mail/p5-MIME-Tools/Makefile	Wed Nov 19 09:18:34 2003
@@ -7,7 +7,7 @@
 
 PORTNAME=	p5-MIME-Tools
 PORTVERSION=	5.411a
-PORTREVISION=	2
+PORTREVISION=	3
 PORTEPOCH=	1
 CATEGORIES=	mail perl5
 MASTER_SITES=	${MASTER_SITE_PERL_CPAN}
diff -ruN --exclude=CVS /server-root/ports/mail/p5-MIME-Tools.orig/files/patch-ParamVal.pm /server-root/ports/mail/p5-MIME-Tools/files/patch-ParamVal.pm
--- /server-root/ports/mail/p5-MIME-Tools.orig/files/patch-ParamVal.pm	Tue Oct 28 01:55:25 2003
+++ /server-root/ports/mail/p5-MIME-Tools/files/patch-ParamVal.pm	Wed Nov 19 09:14:41 2003
@@ -1,5 +1,59 @@
---- lib/MIME/Field/ParamVal.pm.orig	Sun Nov  5 04:54:49 2000
-+++ lib/MIME/Field/ParamVal.pm	Thu Jun  6 10:15:15 2002
+--- ../MIME-tools-5.411.orig/lib/MIME/Field/ParamVal.pm	Sat Nov  4 20:54:49 2000
++++ lib/MIME/Field/ParamVal.pm	Wed Nov 19 09:13:45 2003
+@@ -9,42 +9,42 @@
+ =head1 SYNOPSIS
+ 
+     # Create an object for a content-type field:
+-    $field = new Mail::Field 'Content-type'; 
+-     
++    $field = new Mail::Field 'Content-type';
++
+     # Set some attributes:
+     $field->param('_'        => 'text/html');
+     $field->param('charset'  => 'us-ascii');
+     $field->param('boundary' => '---ABC---');
+-     
++
+     # Same:
+     $field->set('_'        => 'text/html',
+ 		'charset'  => 'us-ascii',
+ 		'boundary' => '---ABC---');
+-      
++
+     # Get an attribute, or undefined if not present:
+     print "no id!"  if defined($field->param('id'));
+-     
++
+     # Same, but use empty string for missing values:
+     print "no id!"  if ($field->paramstr('id') eq '');
+-                    
++
+     # Output as string:
+     print $field->stringify, "\n";
+ 
+ 
+ =head1 DESCRIPTION
+ 
+-This is an abstract superclass of most MIME fields.  It handles 
++This is an abstract superclass of most MIME fields.  It handles
+ fields with a general syntax like this:
+ 
+     Content-Type: Message/Partial;
+-        number=2; total=3;
+-        id="oc=jpbe0M2Yt4s@thumper.bellcore.com"
++	number=2; total=3;
++	id="oc=jpbe0M2Yt4s@thumper.bellcore.com"
+ 
+ Comments are supported I<between> items, like this:
+ 
+     Content-Type: Message/Partial; (a comment)
+-        number=2  (another comment) ; (yet another comment) total=3;
+-        id="oc=jpbe0M2Yt4s@thumper.bellcore.com"
++	number=2  (another comment) ; (yet another comment) total=3;
++	id="oc=jpbe0M2Yt4s@thumper.bellcore.com"
+ 
+ 
+ =head1 PUBLIC INTERFACE
 @@ -100,6 +100,9 @@
  #      token      =  1*<any  (ASCII) CHAR except SPACE, CTLs, or tspecials>
  #
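Review bot: the inner hunk added here (`@@ -9,42 +9,42 @@`) changes only whitespace in the POD of ParamVal.pm: trailing spaces are stripped and the space-indented continuation lines of the Content-Type examples become tab-indented. None of it touches code, and it makes a patch submitted as a security fix harder to audit. Regenerate patch-ParamVal.pm without the whitespace changes so that only the functional hunks remain.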
@@ -20,6 +74,37 @@
  
  #------------------------------
  #
+@@ -133,7 +139,7 @@
+ 		  'total'   => 3,
+ 		  'id'      => "ocj=pbe0M2");
+ 
+-Note that a single argument is taken to be a I<reference> to 
++Note that a single argument is taken to be a I<reference> to
+ a paramhash, while multiple args are taken to be the elements
+ of the paramhash themselves.
+ 
+@@ -160,16 +166,16 @@
+ it as a hash reference.  For example, here is a field with parameters:
+ 
+     Content-Type: Message/Partial;
+-        number=2; total=3;
+-        id="oc=jpbe0M2Yt4s@thumper.bellcore.com"
++	number=2; total=3;
++	id="oc=jpbe0M2Yt4s@thumper.bellcore.com"
+ 
+ Here is how you'd extract them:
+ 
+     $params = $class->parse_params('content-type');
+     if ($$params{'_'} eq 'message/partial') {
+-        $number = $$params{'number'};
+-        $total  = $$params{'total'};
+-        $id     = $$params{'id'};
++	$number = $$params{'number'};
++	$total  = $$params{'total'};
++	$id     = $$params{'id'};
+     }
+ 
+ Like field names, parameter names are coerced to lowercase.
 @@ -181,10 +187,40 @@
  
  =cut
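Review bot: both inner hunks added here (`@@ -133,7 +139,7 @@` and `@@ -160,16 +166,16 @@`) are whitespace-only as well, and the second one switches the body of the verbatim POD code sample to tab indentation while the enclosing `if ($$params{'_'} eq 'message/partial') {` and `}` lines stay space-indented, so the sample's alignment now depends on tab width. Drop both from the port patch.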
@@ -112,3 +197,12 @@
  	debug "   field param <$param> = <$params{$param}>";
      }
  
+@@ -227,7 +301,7 @@
+ 
+     # Allow use as constructor, for MIME::Head:
+     ref($self) or $self = bless({}, $self);
+-    
++
+     # Get params, and stuff them into the self object:
+     $self->set($self->parse_params($string));
+ }
diff -ruN --exclude=CVS /server-root/ports/mail/p5-MIME-Tools.orig/files/patch-Parser.pm /server-root/ports/mail/p5-MIME-Tools/files/patch-Parser.pm
--- /server-root/ports/mail/p5-MIME-Tools.orig/files/patch-Parser.pm	Thu Jan  1 01:00:00 1970
+++ /server-root/ports/mail/p5-MIME-Tools/files/patch-Parser.pm	Wed Nov 19 09:14:41 2003
@@ -0,0 +1,75 @@
+--- ../MIME-tools-5.411.orig/lib/MIME/Parser.pm	Sun Nov 12 06:55:11 2000
++++ lib/MIME/Parser.pm	Wed Nov 19 09:13:57 2003
+@@ -378,16 +378,17 @@
+ =item extract_nested_messages OPTION
+ 
+ I<Instance method.>
+-Some MIME messages will contain a part of type C<message/rfc822>:
++Some MIME messages will contain a part of type C<message/rfc822>
++or C<message/partial> or C<message/external-body>:
+ literally, the text of an embedded mail/news/whatever message.  
+ This option controls whether (and how) we parse that embedded message.
+ 
+ If the OPTION is false, we treat such a message just as if it were a 
+ C<text/plain> document, without attempting to decode its contents.  
+ 
+-If the OPTION is true (the default), the body of the C<message/rfc822> 
+-part is parsed by this parser, creating an entity object.  
+-What happens then is determined by the actual OPTION:
++If the OPTION is true (the default), the body of the C<message/rfc822>
++or C<message/partial> part is parsed by this parser, creating an
++entity object.  What happens then is determined by the actual OPTION:
+ 
+ =over 4
+ 
+@@ -592,6 +593,7 @@
+ #
+ # I<Instance method.>
+ # Process and return the next header.
++# Return undef if, instead of a header, the encapsulation boundary is found.
+ # Fatal exception on failure.
+ #
+ sub process_header {
+@@ -612,6 +614,10 @@
+     foreach (@headlines) { s/[\r\n]+\Z/\n/ }  ### fold
+ 
+     ### How did we do?
++    if ($hdr_rdr->eos_type eq 'DELIM') {
++       $self->whine("bogus part, without CRLF before body");
++       return;
++    }
+     ($hdr_rdr->eos_type eq 'DONE') or
+ 	$self->error("unexpected end of header\n");
+ 
+@@ -983,7 +989,17 @@
+ 
+     ### Parse and add the header:
+     my $head = $self->process_header($in, $rdr);
+-    $ent->head($head);   
++    if (not defined $head) {
++       $self->debug("bogus empty part");
++       $head = $self->interface('HEAD_CLASS')->new;
++       $head->mime_type('text/plain; charset=US-ASCII');
++       $ent->head($head);
++       $ent->bodyhandle($self->new_body_for($head));
++       $ent->bodyhandle->open("w")->close;
++       $self->results->level(-1);
++       return $ent;
++    }
++    $ent->head($head);
+ 
+     ### Tweak the content-type based on context from our parent...
+     ### For example, multipart/digest messages default to type message/rfc822:
+@@ -997,8 +1013,10 @@
+     if ($type eq 'multipart') {
+ 	$self->process_multipart($in, $rdr, $ent);
+     }
+-    elsif (("$type/$subtype" eq "message/rfc822") && 
+-	   $self->extract_nested_messages) {
++    elsif (("$type/$subtype" eq "message/rfc822" ||
++            "$type/$subtype" eq "message/external-body" ||
++	    ("$type/$subtype" eq "message/partial" && $head->mime_attr("content-type.number") == 1)) && 
++	    $self->extract_nested_messages) {
+ 	$self->debug("attempting to process a nested message");
+ 	$self->process_message($in, $rdr, $ent);
+     }
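Review bot: in the last inner hunk, `$head->mime_attr("content-type.number") == 1` compares a value taken from the message's Content-Type header numerically without validating it first. A message/partial part with no number parameter yields an undefined value, and a value such as "1abc" still compares equal to 1 under Perl's numeric coercion, so the decision to parse the part as a nested message rests on unchecked sender-controlled input. Fetch the attribute into a variable, require that it is defined and matches /^\d+$/, and only then compare it to 1. Two smaller points: the POD in the first inner hunk names message/external-body in the opening sentence, but the "If the OPTION is true" paragraph lists only message/rfc822 and message/partial, and neither says that only part number 1 of a message/partial is parsed; and since process_header can now return undef, any caller other than the one updated in the `@@ -983,7 +989,17 @@` hunk needs the same check.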
diff -ruN --exclude=CVS /server-root/ports/mail/p5-MIME-Tools.orig/files/patch-Words.pm /server-root/ports/mail/p5-MIME-Tools/files/patch-Words.pm
--- /server-root/ports/mail/p5-MIME-Tools.orig/files/patch-Words.pm	Tue Oct 28 01:55:25 2003
+++ /server-root/ports/mail/p5-MIME-Tools/files/patch-Words.pm	Wed Nov 19 09:14:41 2003
@@ -1,5 +1,5 @@
---- lib/MIME/Words.pm.orig	Sat Nov 11 01:45:12 2000
-+++ lib/MIME/Words.pm	Thu Jun  6 10:15:15 2002
+--- ../MIME-tools-5.411.orig/lib/MIME/Words.pm	Fri Nov 10 17:45:12 2000
++++ lib/MIME/Words.pm	Wed Nov 19 09:13:45 2003
 @@ -186,7 +186,7 @@
      $@ = '';           ### error-return
  
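Review bot: only the `---`/`+++` header lines of the embedded patch change in this hunk (path prefix and timestamps); the visible body is unchanged. patch-Words.pm can be left as it was so that the PR diff contains only the files the security fixes touch.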
--- p5-MIME-Tools-5.411a_3,1.patch ends here ---

>Release-Note:
>Audit-Trail:
>Unformatted:


