From owner-freebsd-ports-bugs@FreeBSD.ORG Tue May 26 15:00:02 2009 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C47841065678 for ; Tue, 26 May 2009 15:00:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 999758FC26 for ; Tue, 26 May 2009 15:00:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n4QF02lt060603 for ; Tue, 26 May 2009 15:00:02 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n4QF02pu060602; Tue, 26 May 2009 15:00:02 GMT (envelope-from gnats) Resent-Date: Tue, 26 May 2009 15:00:02 GMT Resent-Message-Id: <200905261500.n4QF02pu060602@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Michael Scheidell Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 84832106576E for ; Tue, 26 May 2009 14:58:04 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21]) by mx1.freebsd.org (Postfix) with ESMTP id 569608FC1C for ; Tue, 26 May 2009 14:58:04 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.14.3/8.14.3) with ESMTP id n4QEw3mp004903 for ; Tue, 26 May 2009 14:58:03 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.14.3/8.14.3/Submit) id n4QEw3Gb004902; Tue, 26 May 2009 14:58:03 GMT (envelope-from nobody) Message-Id: <200905261458.n4QEw3Gb004902@www.freebsd.org> Date: Tue, 26 May 2009 14:58:03 GMT From: Michael Scheidell To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: ports/134964: update mail/p5-Mail-DKIM to 0.35. Fixes DOS condition in .033 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 15:00:03 -0000 >Number: 134964 >Category: ports >Synopsis: update mail/p5-Mail-DKIM to 0.35. Fixes DOS condition in .033 >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue May 26 15:00:02 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Michael Scheidell >Release: 6.4/7.1 >Organization: SECNAP Network Security >Environment: na >Description: Version 0.35 fixes a DOS (runaway memory usage) condition reported on amavisd-new users list, with patch provide by Mark Martinec, author of amavisd-new >From ChangeLog 2009-05-22: Jason Long * t/signer.t: add a test-case of a message with 10000's of blank lines; this seems to DoS the canonicalization routines * lib/Mail/DKIM/Canonicalization/{simple,relaxed,dk_simple}.pm: fix for bug reported on amavis-user list, patch provided by Mark Martinec. Thanks! I am the port maintainer for p5-Mail-SpamAssassin and am going to make 0.35 a minimum dependency for that package as soon as this gets posted. >How-To-Repeat: see amavisd-new users list for sample. from mailing list: > So the process which tries to sign this message crashes after > 11 minutes, running out of memory. It happens while Perl is > evaluating the following regexp: > > s/((?:\015\012){2,})\z/\015\012/ Ugh! >Fix: upgrade to Mail-DKIM 0.35. simple patches to Makefile and distfile. no new dependencies or patches diff -bBru /var/tmp/DKIM/ ./ diff -bBru /var/tmp/DKIM/Makefile ./Makefile --- /var/tmp/DKIM/Makefile 2009-03-15 13:26:55.000000000 -0400 +++ ./Makefile 2009-05-26 10:43:39.000000000 -0400 @@ -6,7 +6,7 @@ # PORTNAME= Mail-DKIM -PORTVERSION= 0.33 +PORTVERSION= 0.35 CATEGORIES= mail perl5 MASTER_SITES= CPAN PKGNAMEPREFIX= p5- diff -bBru /var/tmp/DKIM/distinfo ./distinfo --- /var/tmp/DKIM/distinfo 2009-03-15 13:26:55.000000000 -0400 +++ ./distinfo 2009-05-26 10:45:35.000000000 -0400 @@ -1,3 +1,3 @@ -MD5 (Mail-DKIM-0.33.tar.gz) = 09216a6544439c212efdd70e4bd106ca -SHA256 (Mail-DKIM-0.33.tar.gz) = 3839a6aa5f665b551cbd3d1828645f43f38623a59baed68075b0cc1373a45b69 -SIZE (Mail-DKIM-0.33.tar.gz) = 75382 +MD5 (Mail-DKIM-0.35.tar.gz) = 7eca49dc2a3f6b1abd31c5d9f19beffe +SHA256 (Mail-DKIM-0.35.tar.gz) = 1ee52a71ea2e735c4fc5a61a9af12f9cc1da0f3d76014fb7b9a5ff12aa3894c8 +SIZE (Mail-DKIM-0.35.tar.gz) = 81039 >Release-Note: >Audit-Trail: >Unformatted: