From owner-freebsd-ports-bugs@FreeBSD.ORG Mon Aug 13 21:00:22 2012
Date: Mon, 13 Aug 2012 22:55:05 +0200
From: Matthias Andree To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: chalpin@cs.wisc.edu Subject: ports/170613: [PATCH] mail/fetchmail: update to 6.3.21_1 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Aug 2012 21:00:22 -0000 >Number: 170613 >Category: ports >Synopsis: [PATCH] mail/fetchmail: update to 6.3.21_1 >Confidential: no >Severity: serious >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Mon Aug 13 21:00:22 UTC 2012 >Closed-Date: >Last-Modified: >Originator: Matthias Andree >Release: FreeBSD 9.1-PRERELEASE amd64 >Organization: >Environment: System: FreeBSD apollo.emma.line.org 9.1-PRERELEASE FreeBSD 9.1-PRERELEASE #3: Fri Aug 10 23:05:39 CEST 2012 >Description: - Update to 6.3.21_1, with a security fix for NTLM auth (fixes a DoS/crash). Details to be disclosed later. Added file(s): - files/patch-3fbc7c Port maintainer (chalpin@cs.wisc.edu) is cc'd. Generated with FreeBSD Port Tools 0.99_6 (mode: update, diff: ports) >How-To-Repeat: >Fix: --- fetchmail-6.3.21_1.patch begins here --- diff -ruN --exclude=CVS /usr/ports//mail/fetchmail/Makefile ./Makefile --- /usr/ports//mail/fetchmail/Makefile 2012-02-25 00:56:18.000000000 +0100 +++ ./Makefile 2012-08-13 22:46:33.000000000 +0200 @@ -12,6 +12,7 @@ PORTNAME= fetchmail PORTVERSION= 6.3.21 +PORTREVISION= 1 CATEGORIES= mail ipv6 MASTER_SITES= BERLIOS/${PORTNAME}/ \ SF/${PORTNAME}/branch_6.3/ \ diff -ruN --exclude=CVS /usr/ports//mail/fetchmail/files/patch-3fbc7c ./files/patch-3fbc7c --- /usr/ports//mail/fetchmail/files/patch-3fbc7c 1970-01-01 01:00:00.000000000 +0100 +++ ./files/patch-3fbc7c 2012-08-13 22:46:13.000000000 +0200 
@@ -0,0 +1,38 @@ +commit 3fbc7cd331602c76f882d1b507cd05c1d824ba8b +Author: Matthias Andree +Date: Mon Aug 13 20:48:12 2012 +0200 + + Fix crash: Handle invalid base64 in NTLM challenge. + + Some servers, for instance the MS Exchange servers deployed by the + US-American National Aeronautics and Space Administration (NASA), + aborted the NTLM protocol exchange after receiving the initial request. + + Fetchmail did not detect that there was an error message, rather than + NTLM protocol exchange, and caught a segmentation fault while reading + from a bad location. + + Detect base64 decoding errors, and return PS_AUTHFAIL in this case. + + Reported by J[ames] Porter Clark. + +diff --git a/ntlmsubr.c b/ntlmsubr.c +index f9d2733..9321d26 100644 +--- a/ntlmsubr.c ++++ b/ntlmsubr.c +@@ -55,7 +55,14 @@ int ntlm_helper(int sock, struct query *ctl, const char *proto) + if ((result = gen_recv(sock, msgbuf, sizeof msgbuf))) + goto cancelfail; + +- (void)from64tobits (&challenge, msgbuf, sizeof(challenge)); ++ if ((result = from64tobits (&challenge, msgbuf, sizeof(challenge))) < 0) ++ { ++ report (stderr, GT_("could not decode BASE64 challenge\n")); ++ /* We do not goto cancelfail; the server has already sent the ++ * tagged reply, so the protocol exchange has ended, no need ++ * for us to send the asterisk. */ ++ return PS_AUTHFAIL; ++ } + + if (outlevel >= O_DEBUG) + dumpSmbNtlmAuthChallenge(stdout, &challenge); --- fetchmail-6.3.21_1.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted:
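Review bot: In the ntlmsubr.c hunk, the new test on from64tobits() only rejects a return value < 0, so a server reply that decodes without error but yields fewer bytes than an NTLM challenge needs still reaches dumpSmbNtlmAuthChallenge(stdout, &challenge) and the code after it with a partly filled struct. Since result now carries the decoded length, suggest also comparing it against the minimum challenge size before challenge is used, and returning PS_AUTHFAIL in the same way when it is too short. It is also worth confirming that nothing after this point relies on result still being 0 on the success path, because it now holds a positive byte count there.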
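Review bot: The Makefile hunk bumps PORTREVISION for what the description calls a security fix, but the patch touches only Makefile and files/patch-3fbc7c, so nothing in it marks the unpatched 6.3.21 as vulnerable for users who audit installed ports. Suggest following up with a security/vuxml entry once the details are disclosed, covering versions before 6.3.21_1.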