Package: sympa Version: 6.1.23~dfsg-2 Severity: normal Dear Maintainer,
As reported in sympa's bug tracker as bug #10573 (see https://sourcesup.renater.fr/tracker/?aid=10573) When sending an email as PGP/Mime from Thunderbird+Enigmail, sympa breaks a line differently than the quoted-printable in Thunderbird, leading to different line-lengths and a broken PGP signature: (If an intermediate MTA breaks the examples, the bug report at sympa.org has unbroken ones.) The source of the mail sent from Thunderbird looks like this, between '---': --- 1234567890123456789012345678901234567890123456789012345678901234567890123= 4567890 --- The source in sympa's archive and sent from sympa looks like this, between '---': --- 123456789012345678901234567890123456789012345678901234567890123456789012345= 67890 --- Note "123=" versus "12345=" and "4567890" versus "67890". RFC3156 states that "Multipart/signed and multipart/encrypted are to be treated by agents as opaque, meaning that the data is not to be altered in any way." That the signature is correct is important to our security team when they report security issues to other security teams. The same problem affects S/Mime. Upstream reported that newer sympas, 6.2.x and on, "probably may not break them" and to try 6.2.x, which does not have a debian package. You have backported fixes from 6.2 before, can you do it in this case or make a package for 6.2? -- System Information: Debian Release: 8.2 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=locale: Cannot set LC_ALL to default locale: No such file or directory UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages sympa depends on: ii adduser 3.113+nmu3 ii ca-certificates 20141019 ii dbconfig-common 1.8.47+nmu3 ii debconf [debconf-2.0] 1.5.56 ii libarchive-zip-perl 1.39-1 ii libc6 2.19-18+deb8u3 ii libcgi-fast-perl 1:2.04-1 ii libcgi-pm-perl 4.09-1 ii libdbd-mysql-perl 4.028-2+b1 ii libdbd-pg-perl 3.4.2-1 ii libdbd-sqlite3-perl 1.44-1 ii libdbd-sybase-perl 1.14-1+b2 ii libdbi-perl 1.631-3+b1 ii libfcgi-perl 0.77-1+b1 ii libfile-copy-recursive-perl 0.38-1 ii libhtml-format-perl 2.11-1 ii libhtml-stripscripts-parser-perl 1.03-1 ii libhtml-tree-perl 5.03-1 ii libintl-perl 1.23-1 ii libio-stringy-perl 2.110-5 ii libmailtools-perl 2.13-1 ii libmime-charset-perl 1.011.1-1 ii libmime-encwords-perl 1.014.3-1 ii libmime-lite-html-perl 1.24-1 ii libmime-tools-perl 5.505-1 ii libmsgcat-perl 1.03-6+b1 ii libnet-ldap-perl 1:0.6400+dfsg-2 ii libnet-netmask-perl 1.9021-1 ii libregexp-common-perl 2013031301-1 ii libsoap-lite-perl 1.11-1 ii libtemplate-perl 2.24-1.2+b1 ii libterm-progressbar-perl 2.16-1 ii libunicode-linebreak-perl 0.0.20140601-2 ii libxml-libxml-perl 2.0116+dfsg-1+deb8u1 ii lsb-base 4.1+Debian13+nmu1 ii mhonarc 2.6.19-1 ii perl 5.20.2-3+deb8u4 ii perl-modules 5.20.2-3+deb8u4 ii postfix [mail-transport-agent] 2.11.3-1 ii rsyslog [system-log-daemon] 8.4.2-1+deb8u2 ii sqlite3 3.8.7.1-1+deb8u1 Versions of packages sympa recommends: pn apache2-suexec <none> pn doc-base <none> ii libapache2-mod-fcgid 1:2.3.9-1+b1 pn libcrypt-ciphersaber-perl <none> pn libfile-nfslock-perl <none> ii libio-socket-ssl-perl 2.002-2+deb8u1 pn libmail-dkim-perl <none> ii locales 2.19-18+deb8u3 ii logrotate 3.8.7-1+b1 pn mysql-server | postgresql <none> Versions of packages sympa suggests: ii apache2 [httpd-cgi] 2.4.10-10+deb8u3 pn libauthcas-perl <none> pn libdbd-oracle-perl <none> pn libtext-wrap-perl <none> ii openssl 1.0.1k-3+deb8u5 -- Configuration Files: /etc/sympa/auth.conf changed [not included] /etc/sympa/sympa.conf-smime.in [Errno 13] Permission denied: u'/etc/sympa/sympa.conf-smime.in' -- debconf information excluded -- HM
0x2D8F71E5.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
