Package: sympa Version: 6.1.11~dfsg-5 Severity: important Tags: patch Hi,
While compiling the digest for one list, the "sympa" process ran into some kind of infinite loop. This issue is encountered when one of the messages that needs to be digested contains binary attachments that are embedded in text/plain parts. The problem was fixed in the 6.1.16 release of Sympa and in particular in the changeset 7955[1]. In my case, Sympa was unable to deliver messages to the lists while compiling the digest and thus can be considered as as DoS. Fix delivered in Sympa 6.1.16 solved the problem. 1. https://sourcesup.renater.fr/scm/viewvc.php?view=revision&root=sympa&revision=7955 Kind regards, Olivier; -- System Information: Debian Release: 7.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.8.13-xxxx-std-ipv6-64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages sympa depends on: ii adduser 3.113+nmu3 ii ca-certificates 20130119 ii dbconfig-common 1.8.47+nmu1 ii debconf [debconf-2.0] 1.5.49 ii dpkg 1.16.10 ii libarchive-zip-perl 1.30-6 ii libc6 2.13-38 ii libcgi-fast-perl 5.14.2-21 ii libcgi-pm-perl 3.61-2 ii libdbd-mysql-perl 4.021-1+b1 ii libdbd-pg-perl 2.19.2-2 ii libdbd-sqlite3-perl 1.37-1 ii libdbd-sybase-perl 1.14-1 ii libdbi-perl 1.622-1 ii libfcgi-perl 0.74-1+b1 ii libfile-copy-recursive-perl 0.38-1 ii libhtml-format-perl 2.10-1 ii libhtml-stripscripts-parser-perl 1.03-1 ii libhtml-tree-perl 5.02-1 ii libintl-perl 1.20-1 ii libio-stringy-perl 2.110-5 ii libmailtools-perl 2.09-1 ii libmime-charset-perl 1.009.2-1 ii libmime-encwords-perl 1.012.4-1 ii libmime-lite-html-perl 1.23-1.1 ii libmime-tools-perl 5.503-1 ii libmsgcat-perl 1.03-5+b2 ii libnet-ldap-perl 1:0.4400-1 ii libnet-netmask-perl 1.9016-1 ii libregexp-common-perl 2011121001-1 ii libtemplate-perl 2.24-1 ii libterm-progressbar-perl 2.13-1 ii libunicode-linebreak-perl 0.0.20120401-1 ii libxml-libxml-perl 2.0001+dfsg-1 ii lsb-base 4.1+Debian8 ii mhonarc 2.6.18-2 ii perl 5.14.2-21 ii perl-modules [libcgi-pm-perl] 5.14.2-21 ii postfix [mail-transport-agent] 2.9.6-2 ii rsyslog [system-log-daemon] 5.8.11-3 ii sqlite3 3.7.13-1+deb7u1 Versions of packages sympa recommends: ii apache2-suexec-custom [apache2-suexec] 2.2.22-13 ii doc-base 0.10.4 ii libapache2-mod-fcgid 1:2.3.6-1.2 ii libcrypt-ciphersaber-perl 0.61-4 ii libfile-nfslock-perl 1.21-1 ii libio-socket-ssl-perl 1.76-2 ii libmail-dkim-perl 0.39-1 ii libsoap-lite-perl 0.714-1 ii locales 2.13-38 ii logrotate 3.8.1-4 ii mysql-server 5.5.31+dfsg-0+wheezy1 Versions of packages sympa suggests: ii apache2-mpm-worker [httpd-cgi] 2.2.22-13 pn libauthcas-perl <none> pn libdbd-oracle-perl <none> pn libtext-wrap-perl <none> ii openssl 1.0.1e-2 -- Configuration Files: /etc/logrotate.d/sympa changed [not included] /etc/sympa/httpd.conf-cgi [Errno 2] No such file or directory: u'/etc/sympa/httpd.conf-cgi' /etc/sympa/httpd.conf-fcgi [Errno 2] No such file or directory: u'/etc/sympa/httpd.conf-fcgi' /etc/sympa/topics.conf changed [not included] -- debconf information: * sympa/db_passwd: (password omitted) sympa/password-confirm: (password omitted) sympa/pgsql/admin-pass: (password omitted) sympa/app-password-confirm: (password omitted) sympa/key_password_again: (password omitted) * sympa/db_passwd_again: (password omitted) sympa/key_password: (password omitted) sympa/pgsql/app-pass: (password omitted) sympa/mysql/admin-pass: (password omitted) * sympa/db_adminpasswd: (password omitted) sympa/mysql/app-pass: (password omitted) * sympa/dbconfig-install: false * sympa/listmaster: listmas...@attac-mail.attac.org * wwsympa/wwsympa_url: http://list.attac.org/wws * wwsympa/webserver_restart: true sympa/upgrade-backup: true sympa/pgsql/changeconf: false sympa/db_options: sympa/db_configured: true sympa/internal/skip-preseed: true sympa/remote/host: sympa/db_user: sympa sympa/internal/reconfiguring: true sympa/remove-error: abort * wwsympa/webserver_type: Apache 2 sympa/dbconfig-remove: sympa/mysql/method: unix socket sympa/wwsympa_configured: false * sympa/language: fr sympa/pgsql/method: unix socket sympa/db_removeonpurge: false sympa/install-error: abort sympa/pgsql/no-empty-passwords: sympa/pgsql/authmethod-admin: ident sympa/passwords-do-not-match: sympa/missing-db-package-error: abort sympa/remove_spool: false sympa/remote/newhost: sympa/pgsql/manualconf: sympa/remote/port: * sympa/hostname: attac-mail.attac.org sympa/pgsql/authmethod-user: password * sympa/db_hostname: localhost sympa/dbconfig-upgrade: true sympa/use_db: true * sympa/use_soap: false sympa/db/dbname: sympa sympa/database-type: mysql sympa/db/basepath: * wwsympa/fastcgi: true sympa/db/app-user: sympa sympa/purge: false sympa/db_authtype: Ident-based sympa/db_port: sympa/mysql/admin-user: root sympa/db_name: sympa * sympa/dbconfig-reinstall: false * sympa/db_type: MySQL sympa/pgsql/admin-user: postgres sympa/upgrade-error: abort * wwsympa/remove_spool: false sympa/use_wwsympa: false sympa/smime_support: false -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org