Bug#557735: marked as done (bug in ssmtp in handling MD5 autentication)

Debian Bug Tracking System Thu, 26 Feb 2026 14:39:18 -0800

Your message dated Fri, 27 Feb 2026 03:38:40 +0500
with message-id 
<capeewgb3jefdqqbtwjy_kjcnhlcln+z9j1wre20vww9iu5r...@mail.gmail.com>
and subject line Invalid bug unable to reproduce
has caused the Debian Bug report #557735,
regarding bug in ssmtp in handling MD5 autentication
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
557735: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=557735
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Package: ssmtp
Version: 2.61-3

Hi guys,

as I pointed out _one_ year ago, there's a bug in ssmtp in handling MD5autentication:


The changelog states

ssmtp (2.60.10) unstable; urgency=low
...
Logic to choose cram-md5 authentication is backwards (Closes: #249907)

But this bug is still in 2.61-3!

        if(auth_method && strcasecmp(auth_method, "cram-md5") == 0) {
                outbytes += smtp_write(sock, "AUTH CRAM-MD5");
                ...
        }

IMHO it has to be

        if(auth_method && !strcasecmp(auth_method, "cram-md5") == 0) {

as we want to execute this branch if auth_method _is_ "cram-md5"!

--
Steven

--- End Message ---

--- Begin Message ---
Invalid bug unable to reproduce.
--- End Message ---

Bug#557735: marked as done (bug in ssmtp in handling MD5 autentication)

Reply via email to