Your message dated Thu, 06 Aug 2009 12:02:04 +0000
with message-id <[email protected]>
and subject line Bug#449179: fixed in fetchmail 6.3.9~rc2-6
has caused the Debian Bug report #449179,
regarding fetchmail: smbutil.c:90: unicodeToString: Assertion `len+1 < sizeof
buf' failed.
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
449179: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449179
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: fetchmail
Version: 6.3.8-9
Severity: important
Tags: security
After upgrading from 6.3.6-1etch1 fetchmail crashes with
Nov 3 23:12:44 sghpc fetchmail[10383]: starting fetchmail 6.3.8 daemon
Nov 3 23:12:44 sghpc fetchmail[10383]: Server certificate verification error:
self signed certificate
Nov 3 23:12:44 sghpc fetchmail[10383]: Server certificate verification error:
certificate has expired
Nov 3 23:12:45 sghpc fetchmail[10383]: Error exchanging credentials
Nov 3 23:12:45 sghpc fetchmail[10383]: could not decode BASE64 challenge
Nov 3 23:12:45 sghpc fetchmail[10383]: terminated with signal 6
sghpc% sudo env LC_ALL=C /etc/init.d/fetchmail debug-run
/etc/init.d/fetchmail: Initiating debug run of system-wide fetchmail service...
/etc/init.d/fetchmail: script will be run in debug mode, all output to forced to
/etc/init.d/fetchmail: stdout. This is not enough to debug failures that only
/etc/init.d/fetchmail: happen in daemon mode.
/etc/init.d/fetchmail: You might want to direct output to a file, and tail -f
it.
/etc/init.d/fetchmail: Stopping the service...
* Pidfile not found! Is fetchmail running?
/etc/init.d/fetchmail: exit status of service stop was: 0
/etc/init.d/fetchmail: RUNUSER is fetchmail
/etc/init.d/fetchmail: OPTIONS would be -f /etc/fetchmailrc --pidfile
/var/run/fetchmail/fetchmail.pid -d 300 --syslog
/etc/init.d/fetchmail: Starting service in nodetach mode, hit ^C (SIGINT/intr)
to finish run...
fetchmail: starting fetchmail 6.3.8 daemon
fetchmail: 6.3.8 querying mail.hw.ru (protocol IMAP) at Sun Nov 4 00:53:07
2007: poll started
Trying to connect to 194.67.32.240/993...connected.
fetchmail: Issuer Organization: RBC Soft
fetchmail: Issuer CommonName: mail.hw.ru
fetchmail: Server CommonName: mail.hw.ru
fetchmail: mail.hw.ru key fingerprint:
3E:6F:46:74:6B:8A:71:AD:1B:53:8C:80:AD:F5:74:03
fetchmail: Server certificate verification error: self signed certificate
fetchmail: Server certificate verification error: certificate has expired
fetchmail: IMAP< * OK CommuniGate Pro IMAP Server 5.0.14 at mail.hw.ru ready
fetchmail: IMAP> A0001 CAPABILITY
fetchmail: IMAP< * CAPABILITY IMAP4 IMAP4REV1 ACL NAMESPACE UIDPLUS IDLE
LITERAL+ QUOTA ID MULTIAPPEND LISTEXT CHILDREN BINARY LOGIN-REFERRALS UNSELECT
STARTTLS AUTH=LOGIN AUTH=PLAIN AUTH=CRAM-MD5 AUTH=DIGEST-MD5 AUTH=GSSAPI
AUTH=MSN AUTH=NTLM
fetchmail: IMAP< A0001 OK completed
fetchmail: Protocol identified as IMAP4 rev 1
fetchmail: Using service name [[email protected]]
fetchmail: IMAP> A0002 AUTHENTICATE GSSAPI
fetchmail: IMAP< +
fetchmail: Sending credentials
fetchmail: Error exchanging credentials
fetchmail: IMAP< +
fetchmail: IMAP> A0003 *
fetchmail: IMAP> A0004 AUTHENTICATE CRAM-MD5
fetchmail: IMAP< A0002 NO unknown GSSAPI method
fetchmail: could not decode BASE64 challenge
fetchmail: IMAP> A0005 *
fetchmail: IMAP> A0006 AUTHENTICATE NTLM
fetchmail: IMAP< + PDcxMjcuMTE5NDEyMzE5MUBtYWlsLmh3LnJ1Pg==
NTLM Request:
Ident = NTLMSSP
mType = 1
Flags = 0000b207
User = sghpc
Domain = golosunov.pp.ru
fetchmail: IMAP>
TlRMTVNTUAABAAAAB7IAAAUABQAgAAAADwAPACUAAABzZ2hwY2dvbG9zdW5vdi5wcC5ydQ==
fetchmail: IMAP< A0004 NO incorrect E-mail address
NTLM Challenge:
Ident = M4
mType = 5
fetchmail: smbutil.c:90: unicodeToString: Assertion `len+1 < sizeof buf' failed.
fetchmail: terminated with signal 6
fetchmail: Deleting fetchids file.
/etc/init.d/fetchmail: End of service run. Exit status was: 0
Adding " auth cram-md5" to fetchmailrc fixed the situation for me.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (900, 'testing'), (800, 'stable')
Architecture: i386 (x86_64)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.22-3-amd64
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Versions of packages fetchmail depends on:
ii adduser 3.102 Add and remove users and groups
ii debianutils 2.25.1 Miscellaneous utilities specific t
ii libc6 2.6.1-1+b1 GNU C Library: Shared libraries
ii libcomerr2 1.40.2-1 common error description library
ii libkrb53 1.6.dfsg.3~beta1-2 MIT Kerberos runtime libraries
ii libssl0.9.8 0.9.8g-1 SSL shared libraries
ii lsb-base 3.1-24 Linux Standard Base 3.1 init scrip
Versions of packages fetchmail recommends:
ii ca-certificates 20070303 Common CA Certificates PEM files
-- debconf-show failed
--- End Message ---
--- Begin Message ---
Source: fetchmail
Source-Version: 6.3.9~rc2-6
We believe that the bug you reported is fixed in the latest version of
fetchmail, which is due to be installed in the Debian FTP archive:
fetchmail_6.3.9~rc2-6.diff.gz
to pool/main/f/fetchmail/fetchmail_6.3.9~rc2-6.diff.gz
fetchmail_6.3.9~rc2-6.dsc
to pool/main/f/fetchmail/fetchmail_6.3.9~rc2-6.dsc
fetchmail_6.3.9~rc2-6_amd64.deb
to pool/main/f/fetchmail/fetchmail_6.3.9~rc2-6_amd64.deb
fetchmailconf_6.3.9~rc2-6_all.deb
to pool/main/f/fetchmail/fetchmailconf_6.3.9~rc2-6_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Nico Golde <[email protected]> (supplier of updated fetchmail package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 06 Aug 2009 12:44:26 +0200
Source: fetchmail
Binary: fetchmail fetchmailconf
Architecture: source all amd64
Version: 6.3.9~rc2-6
Distribution: unstable
Urgency: high
Maintainer: Fetchmail Maintainers <[email protected]>
Changed-By: Nico Golde <[email protected]>
Description:
fetchmail - SSL enabled POP3, APOP, IMAP mail gatherer/forwarder
fetchmailconf - fetchmail configurator
Closes: 449179 508667 530081
Changes:
fetchmail (6.3.9~rc2-6) unstable; urgency=high
.
* Bump to policy version 3.8.2
+ don't rely on /etc/default/fetchmail in init script but provide
default (no) for START_DAEMON and check if file exists.
* debian/rules: dh_clean -k is deprecated => dh_prep.
* Include upstream patch to fix off-by-one asserts in smbutil.c
(03_smb_assert.patch; Closes: #449179).
* Fix bashism in fetchsetup script
(04_fix_fetchsetup_bashism.patch; Closes: #530081).
* Fix exit status of fetchmail when used with --fetchlimit
option (05_fetchlimit_exist_status.patch; Closes: #508667).
* Add upstream patch to detect malicious certificates containing
a null byte in the Subject Alternative Name
(CVE-2009-2666; 06_cert_0_byte.patch).
.
fetchmail (6.3.9~rc2-5) unstable; urgency=low
.
* Set -e flag in prerm and preinst to ensure that the script aborts
its execution on failed commands.
* Add 02_nooverlapping_snprintf.patch to prevent undefined behaviour on
using snprintf with overlapping buffers.
Checksums-Sha1:
6308e8d5d3d48d54b8da8c3cbf2bbbd4bba93ab1 1347 fetchmail_6.3.9~rc2-6.dsc
f90857267a92326ae58d80fae0778880e92b450a 48974 fetchmail_6.3.9~rc2-6.diff.gz
f2947de283994b61f108553c05de2dcfde6eac63 64328
fetchmailconf_6.3.9~rc2-6_all.deb
aed66b3cb86e00bd9bd6192e3f1de677a6f9848d 667888 fetchmail_6.3.9~rc2-6_amd64.deb
Checksums-Sha256:
4f9244d855a9d0e551b980b06d0d9838ee4e84bf2cfd5d340a7d073e4af3be46 1347
fetchmail_6.3.9~rc2-6.dsc
e1842896bbd6abb99e96f334f0cebf2539ceb780cc01758162fdc87ff3a74010 48974
fetchmail_6.3.9~rc2-6.diff.gz
6bb0ed2f8e2c1dda22ef3173506a6f29e8c3d05306dc383fb0609a1926d97bc6 64328
fetchmailconf_6.3.9~rc2-6_all.deb
aa1a6275df9b34e391edf5c022ffe421c67b0ba8961b40e4b91f19dd3d9867be 667888
fetchmail_6.3.9~rc2-6_amd64.deb
Files:
7c767f1c6f60ca9991589eecdf432907 1347 mail optional fetchmail_6.3.9~rc2-6.dsc
409a8332596e014c0035546a68e3a75c 48974 mail optional
fetchmail_6.3.9~rc2-6.diff.gz
3e6e37287a37bd028aa24335d202919b 64328 mail optional
fetchmailconf_6.3.9~rc2-6_all.deb
1029d66829165c2df5e2e665ef5b8b3f 667888 mail optional
fetchmail_6.3.9~rc2-6_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkp6whoACgkQHYflSXNkfP+4pgCglUCU78YJZ58p3vCW/h5DVlqt
I2wAn3hub3unWzrRf+/VSjzjMEJQMWlN
=1NxC
-----END PGP SIGNATURE-----
--- End Message ---
