Gentoo Full Text Bug Listing

Bug 59341 - net-mail/ripmime Attachment Extraction Bypass

Bug#: 59341	Product: Gentoo Linux	Version: unspecified	Platform: All
OS/Version: All	Status: RESOLVED	Severity: minor	Priority: P2
Resolution: FIXED	Assigned To: security@gentoo.org	Reported By: jaervosz@gentoo.org
Component: Security
URL: http://secunia.com/advisories/12201/
Summary: net-mail/ripmime Attachment Extraction Bypass
Keywords:
Status Whiteboard: B4 [glsa?]
Opened: 2004-08-04 00:42 0000

Description:

Opened: 2004-08-04 00:42 0000

CHANGES---------------------------------------------------------------
Fri Jul 30 2004
	- PLD:REL:21H06
		!!!!URGENT RELEASE!!!!
		Released 1.3.2.3

		There's viruses going around exploiting the ability to hide the 
		majority of their data in an attachment by using blank lines and
		other tricks to make scanning systems prematurely terminate their
		base64 decoding.

------- Comment #1 From Thierry Carrez (RETIRED) 2004-08-04 08:05:36 0000 -------

gregf : please bump ripmime package to version 1.3.2.3.

------- Comment #2 From Sune Kloppenborg Jeppesen 2004-08-07 08:16:58 0000 -------

Bumping 1.3.1.2 emerges fine.

------- Comment #3 From Sune Kloppenborg Jeppesen 2004-08-12 09:25:39 0000 -------

seems like gregf is on vacation. Mike would you look into this?

------- Comment #4 From SpanKY 2004-08-13 05:56:54 0000 -------

added 1.3.2.3 to portage but i dont think this warrants a GLSA

i tested it on x86/ppc/sparc

------- Comment #5 From Sune Kloppenborg Jeppesen 2004-08-13 06:33:22 0000 -------

Thx Mike. 

All arches marked stable.

Closing with no GLSA.