Your message dated Wed, 02 Oct 2013 22:36:06 +0000
with message-id <[email protected]>
and subject line Bug#712141: fixed in sympa 6.1.17~dfsg-1
has caused the Debian Bug report #712141,
regarding sympa: Very long loop while compiling some digest messages
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
712141: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712141
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: sympa
Version: 6.1.11~dfsg-5
Severity: important
Tags: patch
Hi,
While compiling the digest for one list, the "sympa" process ran into some kind
of infinite loop. This issue is encountered when one of the messages that needs
to be digested contains binary attachments that are embedded in text/plain
parts.
The problem was fixed in the 6.1.16 release of Sympa and in particular in the
changeset 7955[1].
In my case, Sympa was unable to deliver messages to the lists while compiling
the digest and thus can be considered as as DoS. Fix delivered in Sympa 6.1.16
solved the problem.
1.
https://sourcesup.renater.fr/scm/viewvc.php?view=revision&root=sympa&revision=7955
Kind regards,
Olivier;
-- System Information:
Debian Release: 7.0
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.8.13-xxxx-std-ipv6-64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages sympa depends on:
ii adduser 3.113+nmu3
ii ca-certificates 20130119
ii dbconfig-common 1.8.47+nmu1
ii debconf [debconf-2.0] 1.5.49
ii dpkg 1.16.10
ii libarchive-zip-perl 1.30-6
ii libc6 2.13-38
ii libcgi-fast-perl 5.14.2-21
ii libcgi-pm-perl 3.61-2
ii libdbd-mysql-perl 4.021-1+b1
ii libdbd-pg-perl 2.19.2-2
ii libdbd-sqlite3-perl 1.37-1
ii libdbd-sybase-perl 1.14-1
ii libdbi-perl 1.622-1
ii libfcgi-perl 0.74-1+b1
ii libfile-copy-recursive-perl 0.38-1
ii libhtml-format-perl 2.10-1
ii libhtml-stripscripts-parser-perl 1.03-1
ii libhtml-tree-perl 5.02-1
ii libintl-perl 1.20-1
ii libio-stringy-perl 2.110-5
ii libmailtools-perl 2.09-1
ii libmime-charset-perl 1.009.2-1
ii libmime-encwords-perl 1.012.4-1
ii libmime-lite-html-perl 1.23-1.1
ii libmime-tools-perl 5.503-1
ii libmsgcat-perl 1.03-5+b2
ii libnet-ldap-perl 1:0.4400-1
ii libnet-netmask-perl 1.9016-1
ii libregexp-common-perl 2011121001-1
ii libtemplate-perl 2.24-1
ii libterm-progressbar-perl 2.13-1
ii libunicode-linebreak-perl 0.0.20120401-1
ii libxml-libxml-perl 2.0001+dfsg-1
ii lsb-base 4.1+Debian8
ii mhonarc 2.6.18-2
ii perl 5.14.2-21
ii perl-modules [libcgi-pm-perl] 5.14.2-21
ii postfix [mail-transport-agent] 2.9.6-2
ii rsyslog [system-log-daemon] 5.8.11-3
ii sqlite3 3.7.13-1+deb7u1
Versions of packages sympa recommends:
ii apache2-suexec-custom [apache2-suexec] 2.2.22-13
ii doc-base 0.10.4
ii libapache2-mod-fcgid 1:2.3.6-1.2
ii libcrypt-ciphersaber-perl 0.61-4
ii libfile-nfslock-perl 1.21-1
ii libio-socket-ssl-perl 1.76-2
ii libmail-dkim-perl 0.39-1
ii libsoap-lite-perl 0.714-1
ii locales 2.13-38
ii logrotate 3.8.1-4
ii mysql-server 5.5.31+dfsg-0+wheezy1
Versions of packages sympa suggests:
ii apache2-mpm-worker [httpd-cgi] 2.2.22-13
pn libauthcas-perl <none>
pn libdbd-oracle-perl <none>
pn libtext-wrap-perl <none>
ii openssl 1.0.1e-2
-- Configuration Files:
/etc/logrotate.d/sympa changed [not included]
/etc/sympa/httpd.conf-cgi [Errno 2] No such file or directory:
u'/etc/sympa/httpd.conf-cgi'
/etc/sympa/httpd.conf-fcgi [Errno 2] No such file or directory:
u'/etc/sympa/httpd.conf-fcgi'
/etc/sympa/topics.conf changed [not included]
-- debconf information:
* sympa/db_passwd: (password omitted)
sympa/password-confirm: (password omitted)
sympa/pgsql/admin-pass: (password omitted)
sympa/app-password-confirm: (password omitted)
sympa/key_password_again: (password omitted)
* sympa/db_passwd_again: (password omitted)
sympa/key_password: (password omitted)
sympa/pgsql/app-pass: (password omitted)
sympa/mysql/admin-pass: (password omitted)
* sympa/db_adminpasswd: (password omitted)
sympa/mysql/app-pass: (password omitted)
* sympa/dbconfig-install: false
* sympa/listmaster: [email protected]
* wwsympa/wwsympa_url: http://list.attac.org/wws
* wwsympa/webserver_restart: true
sympa/upgrade-backup: true
sympa/pgsql/changeconf: false
sympa/db_options:
sympa/db_configured: true
sympa/internal/skip-preseed: true
sympa/remote/host:
sympa/db_user: sympa
sympa/internal/reconfiguring: true
sympa/remove-error: abort
* wwsympa/webserver_type: Apache 2
sympa/dbconfig-remove:
sympa/mysql/method: unix socket
sympa/wwsympa_configured: false
* sympa/language: fr
sympa/pgsql/method: unix socket
sympa/db_removeonpurge: false
sympa/install-error: abort
sympa/pgsql/no-empty-passwords:
sympa/pgsql/authmethod-admin: ident
sympa/passwords-do-not-match:
sympa/missing-db-package-error: abort
sympa/remove_spool: false
sympa/remote/newhost:
sympa/pgsql/manualconf:
sympa/remote/port:
* sympa/hostname: attac-mail.attac.org
sympa/pgsql/authmethod-user: password
* sympa/db_hostname: localhost
sympa/dbconfig-upgrade: true
sympa/use_db: true
* sympa/use_soap: false
sympa/db/dbname: sympa
sympa/database-type: mysql
sympa/db/basepath:
* wwsympa/fastcgi: true
sympa/db/app-user: sympa
sympa/purge: false
sympa/db_authtype: Ident-based
sympa/db_port:
sympa/mysql/admin-user: root
sympa/db_name: sympa
* sympa/dbconfig-reinstall: false
* sympa/db_type: MySQL
sympa/pgsql/admin-user: postgres
sympa/upgrade-error: abort
* wwsympa/remove_spool: false
sympa/use_wwsympa: false
sympa/smime_support: false
--- End Message ---
--- Begin Message ---
Source: sympa
Source-Version: 6.1.17~dfsg-1
We believe that the bug you reported is fixed in the latest version of
sympa, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Emmanuel Bouthenot <[email protected]> (supplier of updated sympa package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 24 Sep 2013 21:41:18 +0000
Source: sympa
Binary: sympa
Architecture: source amd64
Version: 6.1.17~dfsg-1
Distribution: unstable
Urgency: low
Maintainer: Debian Sympa team <[email protected]>
Changed-By: Emmanuel Bouthenot <[email protected]>
Description:
sympa - Modern mailing list manager
Closes: 669803 682563 682664 691506 706965 709565 712141 714388 717435 724086
Changes:
sympa (6.1.17~dfsg-1) unstable; urgency=low
.
* New upstream release:
- Fix possible infinite loop while generating digest with text/plain
binary attachements (Closes: #712141)
- Fix missing templates (Closes: #714388)
- Switch the default locale from en_US to en (update debconf templates
accordingly) (Closes: #682563)
* Refresh patches:
- Fix 'CREATE DATABASE' syntax with mysql backend. Thanks to Daniel
Caillibaud for the patch (Closes: #682664)
* Add a patch to make possible to fallback on C locale when no other
locales are available
* Add a patch to raise a warning instead of an error when the CA bundle file
is not readable (Closes: #706965, #717435)
* Fix packaging to support Apache >= 2.4 (Closes: #669803)
* Update manpages patch to fix a FTBFS caused by lack of 'encoding'
identifer in pod snippets (Closes: #724086)
* Add dependency on libsoap-lite-perl
* Fix Vcs-* fields
* Bump Standards-Version to 3.9.4
* Remove support of sqlite < 3
* Add a warning message in postinst about the fix of permissions and
ownership which can take a while. Thanks to David Prévot for the
suggestion (Closes: #709565)
* Fix a bug in postinst while trying to add missing parameters in
sympa.conf during upgrade to sympa > 6.0.1. Thanks to Paul Menzel
for the patch (Closes: #691506)
* Minor updates in debian/copyright
* Switch to debhelper >= 9
Checksums-Sha1:
51684a564a966934a1419cd7857a0e976c41c4be 2517 sympa_6.1.17~dfsg-1.dsc
ac43ab205d681343681abff9772d55a541fd912a 5582004 sympa_6.1.17~dfsg.orig.tar.gz
3d42df0f13b216b595b14541426c6959c0e2b7f4 118776
sympa_6.1.17~dfsg-1.debian.tar.gz
f58cb1ed377f8d6a22d2b565a10a7a66eff2e23d 2096214 sympa_6.1.17~dfsg-1_amd64.deb
Checksums-Sha256:
9a6ae19a77c40d8d68f00b6b3ec4f737e056aed93d695be17f3fe96456d7ef49 2517
sympa_6.1.17~dfsg-1.dsc
82398955d8052d323441718ee3830ddf505ee50acdb82431acc7a297bf3f77b6 5582004
sympa_6.1.17~dfsg.orig.tar.gz
73c9acd941894a1d0d17194d5cdfc2e7f3d2d403f7b9cdfe2ea9ddf005d6b9a0 118776
sympa_6.1.17~dfsg-1.debian.tar.gz
1974ef0f15c530418f65ea17ce25b7750cc633800fbed1c5921e2d0b74c27839 2096214
sympa_6.1.17~dfsg-1_amd64.deb
Files:
3a2cac33de59432b8d11aea192413b21 2517 mail optional sympa_6.1.17~dfsg-1.dsc
1cf3040bf1f8013b7ebcf3bf8216bb18 5582004 mail optional
sympa_6.1.17~dfsg.orig.tar.gz
076cf5d8c110c6856b82f0e244dd846d 118776 mail optional
sympa_6.1.17~dfsg-1.debian.tar.gz
9e623cba0566abc75033faea3eb073bc 2096214 mail optional
sympa_6.1.17~dfsg-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQIcBAEBCgAGBQJSTJ0qAAoJEEsHdyOSnULDoNAQAIANqdXVv5W7IIKo02rmWzbE
nBXmNm133H/r50kNoAv2Ht162dwqaUhdyDxPMmqsWxA2EjcIODhWReyE/89e6jgB
S7OPbWEYo9xe8rLA/68K4CcqBAi9kLBL+awSvkpdCWcfmv3DEP6kiPeuFU280LXm
0hpYQ8WJu8jzaFTftRa8J2a5DsS0zyPR6UsQsdNPclCNX3fT5NMaoucTp3/Aub/k
VSMOW6BK1bmM1YPUAjJ8YDoNKlbarKLxmuHxDzEEBzS/2ATKu6cmgQ7wSgp3fO0W
or4I6bRkwrWJGdU0azXufl6Jq45YeLaWMojM/AgoYetbsDQA9WyLASHFNVfGLVF0
Ae6k/Q0XGlpy6jyi+e7k4PoCPOQ3r8dyt8hC7jShb3ihnKUxsrDCQnqv4muMzYNm
lQX5v57Gc7J+oBVt7pyMXSMoJ6O0FqcEiEQc46eKAP11RD6VdoWYxQacrOY315+8
6BMIMC/L6T7O8u0UYJ6PShGhJXD/XCjlzYnBO5zka5k6VikoefEY6k+d93mPwM4X
+FoRd/OZHVyv/Y0GHfwRMrxxwDiEcWZR5Gd+ryW5n/PxLqasnst727Wn2WgQ2UP5
h9gK7my/0V/A7NMiDfyuws3m9IvyBS1YFYKtkWEbtxKML/tlSwqTjYsNySPjrOpa
yZ6R2V+fQOhHzj7zB/bB
=/RcS
-----END PGP SIGNATURE-----
--- End Message ---