Bug 112505

Summary:	net-mail/mailman possible DoS issue (CVE-2005-3597)
Product:	Gentoo Security	Reporter:	Sune Kloppenborg Jeppesen (RETIRED) <jaervosz>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED INVALID
Severity:	normal	CC:	mholzer, net-mail+disabled
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327732
Whiteboard:	? [wait] jaervosz
Package list:		Runtime testing required:	---

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2005-11-14 06:06:48 UTC

Debian bug report indicates that it might be possible to DoS a list by sending  
a specially crafted email.

Comment 1 Thierry Carrez (RETIRED) gentoo-dev

2005-11-14 08:10:44 UTC

This has yet to be reproduced. Ccing maintainers.

Comment 2 Tuan Van (RETIRED) gentoo-dev

2005-11-14 08:48:21 UTC

mailman has been maintained by mholzer. CC'ing him.

Comment 3 Martin Holzer (RETIRED) gentoo-dev

2005-11-22 10:30:50 UTC

see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=339095;msg=35
i vote for closing the bug or watching the debian bugreport

Comment 4 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2005-11-22 12:58:27 UTC

Let's wait a bit and see what they decide.

Comment 5 Thierry Carrez (RETIRED) gentoo-dev

2005-11-30 08:05:16 UTC

Closed as non-security on Debian. I think we should do the same, feel free to
reopen if you disagree.