ssmtp dies with error 'standardise() -- Buffer overflow' on some mails. For details check url. It affects stable version ssmtp-2.62-r4 and also unstable 2.62-r5. Provided patch fixes problem. Reproducible: Sometimes Actual Results: Feb 18 14:39:03 www sSMTP[24423]: standardise() -- Buffer overflow Feb 18 14:42:17 www sSMTP[25042]: standardise() -- Buffer overflow Expected Results: mail successfuly sent Portage 2.1.6.4 (default/linux/x86/2008.0, gcc-4.1.2, glibc-2.6.1-r0, 2.6.24-19-openvz i686) ================================================================= System uname: Linux-2.6.24-19-openvz-i686-Genuine_Intel-R-_CPU_2140_@_1.60GHz-with-glibc2.0 Timestamp of tree: Wed, 18 Feb 2009 12:30:01 +0000 app-shells/bash: 3.2_p39 dev-lang/python: 2.5.2-r7 dev-python/pycrypto: 2.0.1-r6 sys-apps/baselayout: 1.12.11.1 sys-apps/sandbox: 1.2.18.1-r2 sys-devel/autoconf: 2.63 sys-devel/automake: 1.9.6-r2, 1.10.2 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.27-r2 ACCEPT_KEYWORDS="x86" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=i686 -pipe" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /sbin/rc" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /et CXXFLAGS="-O2 -march=i686 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="distlocks fixpackages parallel-fetch protect-owned sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" LDFLAGS="-Wl,-O1" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="acl apache2 berkdb bzip2 cli cracklib crypt cups dri fortran gdbm gpm iconv isdnlog jpeg midi mudflap ncurses nls nptl nptlonly openmp pam pcre perl png pppd python readline reflection session snmp spl ssl sysfs tcpdl Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, MAKEOPTS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
Created attachment 182417 [details, diff] patch for gentoo version of ssmtp.c
This is referenced as CVE-2008-3962 by Ubuntu. Tracked in #234391, the fix we (and Debian) used seems incomplete, see https://bugs.launchpad.net/ubuntu/+source/ssmtp/+bug/282424/comments/6 Updated patch for CVE-2008-3962 in =mail-mta/ssmtp-2.62-r6.
Please do not mix those issues. CVE-2008-3962 was issued for the data disclosure issue, whereas we are dealing with another bug here. Putting the fix for this bug (aka launchpad #282424) into a patch for CVE-2008-3962 is misleading. However, I'd cc arches to stable this bump. Do you want to split patches to ease seperation of issues before that?
i'm fixed by edit crontab MAILTO=""
Arches, please test and mark stable: =mail-mta/ssmtp-2.62-r6 Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
Stable for HPPA.
Nevermind. setuptools was still installed for Python 2.5 (2.6 is my default).
Stable on alpha.
x86 stable
arm/ia64/m68k/s390/sh/sparc stable
ppc stable
ppc64 done
amd64 stable, all arches done.
GLSA voting: NO. Looking at the patch, the copied data is just reduced by 2 bytes. Don't think you can cause anything besides a client DoS with 2 bytes to play with.
NO, too. Closing.
