Date: Wed, 19 Nov 2003 09:26:31 +0100 (CET)
From: Jan-Peter Koopmann <j.koopmann@seceidos.de>
To: FreeBSD-gnats-submit@FreeBSD.org
Cc: kuriyama@FreeBSD.org
Subject: ports/59457: [PATCH] mail/p5-MIME-Tools: applied additional security patches
Message-ID: <200311190826.hAJ8QV0n071571@services.intern.seceidos.de>
Resent-Message-ID: <200311190830.hAJ8UIhn084735@freefall.freebsd.org>
>Number: 59457
>Category: ports
>Synopsis: [PATCH] mail/p5-MIME-Tools: applied additional security patches
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Wed Nov 19 00:30:18 PST 2003
>Closed-Date:
>Last-Modified:
>Originator: Jan-Peter Koopmann
>Release: FreeBSD 4.8-STABLE i386
>Organization:
>Environment:
System: FreeBSD services.intern.seceidos.de 4.8-STABLE FreeBSD 4.8-STABLE #0: Mon Aug 4 11:45:56 CEST
>Description:
I added some security patches to MIME-Tools. The patches I installed can be found here:

http://www.sng.ecs.soton.ac.uk/mailscanner/install/mime-tools-patch.txt
http://www.sng.ecs.soton.ac.uk/mailscanner/install/mime-tools-patch2.txt
http://www.sng.ecs.soton.ac.uk/mailscanner/install/mime-tools-patch3.txt
http://www.sng.ecs.soton.ac.uk/mailscanner/install/mime-tools-patch4.txt

Apparently mime-tools-patch.txt was already applied by kuriyama but the others have not been. I mailed kuriyama but did not get a reply, which is why I chose to patch it myself and submit this request. Without these patches the original CPAN version has some rather severe security problems. This was particularly scary since MailScanner uses p5-MIME-Tools and people needed to patch some libs after installing this port.

Port maintainer (kuriyama@FreeBSD.org) is cc'd.

Generated with FreeBSD Port Tools 0.50
>How-To-Repeat:
>Fix:

--- p5-MIME-Tools-5.411a_3,1.patch begins here --- diff -ruN --exclude=CVS /server-root/ports/mail/p5-MIME-Tools.orig/Makefile /server-root/ports/mail/p5-MIME-Tools/Makefile --- /server-root/ports/mail/p5-MIME-Tools.orig/Makefile Tue Oct 28 01:55:24 2003 +++ /server-root/ports/mail/p5-MIME-Tools/Makefile Wed Nov 19 09:18:34 2003 
@@ -7,7 +7,7 @@ PORTNAME= p5-MIME-Tools PORTVERSION= 5.411a -PORTREVISION= 2 +PORTREVISION= 3 PORTEPOCH= 1 CATEGORIES= mail perl5 MASTER_SITES= ${MASTER_SITE_PERL_CPAN} diff -ruN --exclude=CVS /server-root/ports/mail/p5-MIME-Tools.orig/files/patch-ParamVal.pm /server-root/ports/mail/p5-MIME-Tools/files/patch-ParamVal.pm --- /server-root/ports/mail/p5-MIME-Tools.orig/files/patch-ParamVal.pm Tue Oct 28 01:55:25 2003 +++ /server-root/ports/mail/p5-MIME-Tools/files/patch-ParamVal.pm Wed Nov 19 09:14:41 2003 
@@ -1,5 +1,59 @@ ---- lib/MIME/Field/ParamVal.pm.orig Sun Nov 5 04:54:49 2000 -+++ lib/MIME/Field/ParamVal.pm Thu Jun 6 10:15:15 2002 +--- ../MIME-tools-5.411.orig/lib/MIME/Field/ParamVal.pm Sat Nov 4 20:54:49 2000 ++++ lib/MIME/Field/ParamVal.pm Wed Nov 19 09:13:45 2003 +@@ -9,42 +9,42 @@ + =head1 SYNOPSIS + + # Create an object for a content-type field: +- $field = new Mail::Field 'Content-type'; +- ++ $field = new Mail::Field 'Content-type'; ++ + # Set some attributes: + $field->param('_' => 'text/html'); + $field->param('charset' => 'us-ascii'); + $field->param('boundary' => '---ABC---'); +- ++ + # Same: + $field->set('_' => 'text/html', + 'charset' => 'us-ascii', + 'boundary' => '---ABC---'); +- ++ + # Get an attribute, or undefined if not present: + print "no id!" if defined($field->param('id')); +- ++ + # Same, but use empty string for missing values: + print "no id!" if ($field->paramstr('id') eq ''); +- ++ + # Output as string: + print $field->stringify, "\n"; + + + =head1 DESCRIPTION + +-This is an abstract superclass of most MIME fields. It handles ++This is an abstract superclass of most MIME fields. It handles + fields with a general syntax like this: + + Content-Type: Message/Partial; +- number=2; total=3; +- id="oc=jpbe0M2Yt4s@thumper.bellcore.com" ++ number=2; total=3; ++ id="oc=jpbe0M2Yt4s@thumper.bellcore.com" + + Comments are supported I<between> items, like this: + + Content-Type: Message/Partial; (a comment) +- number=2 (another comment) ; (yet another comment) total=3; +- id="oc=jpbe0M2Yt4s@thumper.bellcore.com" ++ number=2 (another comment) ; (yet another comment) total=3; ++ id="oc=jpbe0M2Yt4s@thumper.bellcore.com" + + + =head1 PUBLIC INTERFACE @@ -100,6 +100,9 @@ # token = 1*<any (ASCII) CHAR except SPACE, CTLs, or tspecials> # 
@@ -20,6 +74,37 @@ #------------------------------ # +@@ -133,7 +139,7 @@ + 'total' => 3, + 'id' => "ocj=pbe0M2"); + +-Note that a single argument is taken to be a I<reference> to ++Note that a single argument is taken to be a I<reference> to + a paramhash, while multiple args are taken to be the elements + of the paramhash themselves. + +@@ -160,16 +166,16 @@ + it as a hash reference. For example, here is a field with parameters: + + Content-Type: Message/Partial; +- number=2; total=3; +- id="oc=jpbe0M2Yt4s@thumper.bellcore.com" ++ number=2; total=3; ++ id="oc=jpbe0M2Yt4s@thumper.bellcore.com" + + Here is how you'd extract them: + + $params = $class->parse_params('content-type'); + if ($$params{'_'} eq 'message/partial') { +- $number = $$params{'number'}; +- $total = $$params{'total'}; +- $id = $$params{'id'}; ++ $number = $$params{'number'}; ++ $total = $$params{'total'}; ++ $id = $$params{'id'}; + } + + Like field names, parameter names are coerced to lowercase. @@ -181,10 +187,40 @@ =cut @@ -112,3 +197,12 @@ debug " field param <$param> = <$params{$param}>"; } +@@ -227,7 +301,7 @@ + + # Allow use as constructor, for MIME::Head: + ref($self) or $self = bless({}, $self); +- ++ + # Get params, and stuff them into the self object: + $self->set($self->parse_params($string)); + } diff -ruN --exclude=CVS /server-root/ports/mail/p5-MIME-Tools.orig/files/patch-Parser.pm /server-root/ports/mail/p5-MIME-Tools/files/patch-Parser.pm --- /server-root/ports/mail/p5-MIME-Tools.orig/files/patch-Parser.pm Thu Jan 1 01:00:00 1970 +++ /server-root/ports/mail/p5-MIME-Tools/files/patch-Parser.pm Wed Nov 19 09:14:41 2003 
@@ -0,0 +1,75 @@ +--- ../MIME-tools-5.411.orig/lib/MIME/Parser.pm Sun Nov 12 06:55:11 2000 ++++ lib/MIME/Parser.pm Wed Nov 19 09:13:57 2003 +@@ -378,16 +378,17 @@ + =item extract_nested_messages OPTION + + I<Instance method.> +-Some MIME messages will contain a part of type C<message/rfc822>: ++Some MIME messages will contain a part of type C<message/rfc822> ++or C<message/partial> or C<message/external-body>: + literally, the text of an embedded mail/news/whatever message. + This option controls whether (and how) we parse that embedded message. + + If the OPTION is false, we treat such a message just as if it were a + C<text/plain> document, without attempting to decode its contents. + +-If the OPTION is true (the default), the body of the C<message/rfc822> +-part is parsed by this parser, creating an entity object. +-What happens then is determined by the actual OPTION: ++If the OPTION is true (the default), the body of the C<message/rfc822> ++or C<message/partial> part is parsed by this parser, creating an ++entity object. What happens then is determined by the actual OPTION: + + =over 4 + +@@ -592,6 +593,7 @@ + # + # I<Instance method.> + # Process and return the next header. ++# Return undef if, instead of a header, the encapsulation boundary is found. + # Fatal exception on failure. + # + sub process_header { +@@ -612,6 +614,10 @@ + foreach (@headlines) { s/[\r\n]+\Z/\n/ } ### fold + + ### How did we do? 
++ if ($hdr_rdr->eos_type eq 'DELIM') { ++ $self->whine("bogus part, without CRLF before body"); ++ return; ++ } + ($hdr_rdr->eos_type eq 'DONE') or + $self->error("unexpected end of header\n"); + +@@ -983,7 +989,17 @@ + + ### Parse and add the header: + my $head = $self->process_header($in, $rdr); +- $ent->head($head); ++ if (not defined $head) { ++ $self->debug("bogus empty part"); ++ $head = $self->interface('HEAD_CLASS')->new; ++ $head->mime_type('text/plain; charset=US-ASCII'); ++ $ent->head($head); ++ $ent->bodyhandle($self->new_body_for($head)); ++ $ent->bodyhandle->open("w")->close; ++ $self->results->level(-1); ++ return $ent; ++ } ++ $ent->head($head); + + ### Tweak the content-type based on context from our parent... + ### For example, multipart/digest messages default to type message/rfc822: +@@ -997,8 +1013,10 @@ + if ($type eq 'multipart') { + $self->process_multipart($in, $rdr, $ent); + } +- elsif (("$type/$subtype" eq "message/rfc822") && +- $self->extract_nested_messages) { ++ elsif (("$type/$subtype" eq "message/rfc822" || ++ "$type/$subtype" eq "message/external-body" || ++ ("$type/$subtype" eq "message/partial" && $head->mime_attr("content-type.number") == 1)) && ++ $self->extract_nested_messages) { + $self->debug("attempting to process a nested message"); + $self->process_message($in, $rdr, $ent); + } diff -ruN --exclude=CVS /server-root/ports/mail/p5-MIME-Tools.orig/files/patch-Words.pm /server-root/ports/mail/p5-MIME-Tools/files/patch-Words.pm --- /server-root/ports/mail/p5-MIME-Tools.orig/files/patch-Words.pm Tue Oct 28 01:55:25 2003 +++ /server-root/ports/mail/p5-MIME-Tools/files/patch-Words.pm Wed Nov 19 09:14:41 2003 @@ -1,5 +1,5 @@ ---- lib/MIME/Words.pm.orig Sat Nov 11 01:45:12 2000 -+++ lib/MIME/Words.pm Thu Jun 6 10:15:15 2002 +--- ../MIME-tools-5.411.orig/lib/MIME/Words.pm Fri Nov 10 17:45:12 2000 ++++ lib/MIME/Words.pm Wed Nov 19 09:13:45 2003 
@@ -186,7 +186,7 @@ $@ = ''; ### error-return --- p5-MIME-Tools-5.411a_3,1.patch ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
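
Review bot: In files/patch-ParamVal.pm, the new POD hunks at `@@ -9,42 +9,42 @@`, `@@ -133,7 +139,7 @@`, `@@ -160,16 +166,16 @@` and `@@ -227,7 +301,7 @@` remove and re-add lines that read identically (for example `number=2; total=3;`), so they appear to differ only in whitespace. Please regenerate this file without the whitespace churn, so that the port carries only the functional hunks (`@@ -100,6 +100,9 @@` and `@@ -181,10 +187,40 @@`) and a reviewer can see what the security fix actually changes.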
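
Review bot: The POD change in the Parser.pm hunk `@@ -378,16 +378,17 @@` is inconsistent with the code change further down: the first paragraph now lists `message/rfc822`, `message/partial` and `message/external-body`, but the "If the OPTION is true" paragraph mentions only `message/rfc822` and `message/partial`. It also does not say that a `message/partial` part is parsed only when its `number` parameter is 1, which is what the `@@ -997,8 +1013,10 @@` hunk implements. Please bring the `extract_nested_messages` documentation in line with the condition.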
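
Review bot: The early `return;` added to `process_header` in the Parser.pm hunk `@@ -612,6 +614,10 @@` changes the method's contract (it can now hand back nothing where a head object was always returned before), and the patch adapts only the one call site in hunk `@@ -983,7 +989,17 @@`. Please confirm there is no other caller that uses the result without a `defined` check, and consider `return undef;` so the behaviour matches the comment added in hunk `@@ -593,6 +593,7 @@` in list context as well.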
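
Review bot: In the Parser.pm hunk `@@ -983,7 +989,17 @@`, `$ent->bodyhandle->open("w")->close;` chains `close` onto the result of `open` with no check, so a failure to create the empty body for the bogus part is not reported through `$self->error` the way the header failure in `process_header` is. Splitting the call and checking the handle before closing it would keep the error path for this new branch consistent with the rest of the parser.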
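
Review bot: The condition added in the Parser.pm hunk `@@ -997,8 +1013,10 @@` compares a header parameter numerically, `$head->mime_attr("content-type.number") == 1`, although the value comes straight from the message. A `message/partial` part with no `number` parameter, or a non-numeric one, produces warnings under `-w`, and any value that merely starts with 1 followed by non-digits also satisfies `==`. Since this check decides whether the body is parsed as a nested message, please test that the attribute is defined and matches a strict pattern for the single digit 1 before comparing.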
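
Review bot: The files/patch-Words.pm hunk `@@ -1,5 +1,5 @@` changes only the `---`/`+++` header of the embedded patch (path and timestamps) and leaves the `@@ -186,7 +186,7 @@` body untouched, so it adds noise without any functional change. The new old-file path `../MIME-tools-5.411.orig/lib/MIME/Words.pm` also points outside the work tree, unlike the previous `lib/MIME/Words.pm.orig`; the same applies to the rewritten header in files/patch-ParamVal.pm and the new files/patch-Parser.pm. I would leave patch-Words.pm as it was and keep the in-tree `.orig` naming for the other two.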
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200311190826.hAJ8QV0n071571>