Date: Tue, 26 Oct 2004 05:02:56 +0000 (UTC) From: Kirill Ponomarew <krion@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/mail/bogofilter Makefile distinfo Message-ID: <200410260502.i9Q52uZA070150@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
krion 2004-10-26 05:02:56 UTC
FreeBSD ports repository
Modified files:
mail/bogofilter Makefile distinfo
Log:
- Update to 0.92.8
This update fixes among many other tiny bugs one security bug that
allows a remote attacker to cause a denial of service in bogofilter,
by crashing it; a malformatted (non-conformant) RFC-2047 encoded
word triggers an attempt to write a terminating NUL byte past the
end of a buffer or (more commonly) into the zero-page, which causes
a segfault.
Depending on the exact MTA/MDA configuration on the receiving
machine, this can cause a denial of service of the mail system.
PR: ports/73144
Submitted by: maintainer
Revision Changes Path
1.48 +2 -2 ports/mail/bogofilter/Makefile
1.38 +2 -2 ports/mail/bogofilter/distinfo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200410260502.i9Q52uZA070150>