Summary: | net-mail/up-imapproxy Format String Vulnerability | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Janne Pikkarainen <jabapi> | ||||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||||
Status: | RESOLVED FIXED | ||||||||
Severity: | normal | CC: | net-mail+disabled | ||||||
Priority: | High | ||||||||
Version: | unspecified | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
URL: | http://www.imapproxy.org/ | ||||||||
Whiteboard: | B2 [glsa] | ||||||||
Package list: | Runtime testing required: | --- | |||||||
Attachments: |
|
Description
Janne Pikkarainen
2005-09-29 23:34:34 UTC
Created attachment 70539 [details]
up-imapproxy v1.2.4
An ebuild for up-imapproxy v1.2.4 (actually just renamed v1.2.3 ebuild). Since
there seems to be a significant lag in up-imapproxy ebuild maintenance, I'm
willing to take over it's maintenance. I need to keep myself and our servers
up-to-date with up-imapproxy, so I might as well keep it up-to-date in Portage.
Created attachment 73191 [details, diff] Fix for string format specifier bug http://www.securiteam.com/unixfocus/6O0010AEKW.html http://lists.andrew.cmu.edu/pipermail/imapproxy-info/2005-October/000481.html Please add this fix to portage tree! *bump* Since this is a security-related bug and a trivially fixed one, this should be fixed ASAP. Thanks for the bug report. 1.2.4 with fix commited. @security: haven't seen this bug before. Please, do what's needed. Cleaning up so that it doesn't fall in the cracks x86 please test and mark 1.2.4 stable Has been working for me since last September... :-) This really isn't working for me. I set up the config file, started the server, it said "OK", then just died. I tried from console and it didn't do anything. It provides no debug or log messages, so I can't tell exactly what the problem might be.. (In reply to comment #7) > This really isn't working for me. I set up the config file, started the > server, it said "OK", then just died. I tried from console and it didn't do > anything. It provides no debug or log messages, so I can't tell exactly what > the problem might be.. > please post your /etc/imapproxy.conf . Do you have an imap server listening on the port that you have set in server_port ? funky configuration for what it actually want's as the server name..quite odd...I had the same issue as chris but tried something and it worked. Stable on x86 (X_X) <---gets that for the funky config server name Removed old versions and reopened this bug. Ready for GLSA GLSA 200603-04 |