Bug 721566 (CVE-2005-1513, CVE-2005-1514, CVE-2005-1515)

Comment 1 Rolf Eike Beer 2020-05-18 16:31:02 UTC

Created attachment 640170 [details, diff]
patch 1

Comment 2 Rolf Eike Beer 2020-05-18 16:31:28 UTC

Created attachment 640172 [details, diff]
patch 2

Comment 3 Rolf Eike Beer 2020-05-18 16:31:51 UTC

Created attachment 640174 [details, diff]
patch 3

Comment 4 Rolf Eike Beer 2020-05-18 16:32:11 UTC

Created attachment 640176 [details, diff]
patch 4

Comment 5 Rolf Eike Beer 2020-05-18 16:33:44 UTC

Ok, these 4 patches would be what I put into the next ebuild. Additionally I would switch the pop3 useflag to -pop3 so only those that actually need that beast will get it.

Longterm idea is to switch that all to notqmail instead, where we will have even better patches shortly.

Comment 6 Rolf Eike Beer 2020-05-18 21:34:44 UTC

The 2020 CVEs only affect the qmail-verify patch, which is not used by Gentoos ebuild.

Comment 7 Thomas Deutschmann (RETIRED) 2020-05-19 17:38:23 UTC

Now public.

Comment 8 Sam James 2020-05-19 17:43:52 UTC

* CVE-2005-1513, CVE-2005-1514, CVE-2005-1515

These are the "classic" qmail RCE vulnerabilities.

Comment 9 Rolf Eike Beer 2020-05-19 18:35:32 UTC

Please note that these are only _local_ exploits if you have not removed the softlimit line from the configuration.

Comment 10 Larry the Git Cow 2020-05-19 18:44:13 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3cd7e2b9721dbbf24cd4a5f9135236418a9c0cfa

commit 3cd7e2b9721dbbf24cd4a5f9135236418a9c0cfa
Author:     Rolf Eike Beer <eike@sf-mail.de>
AuthorDate: 2020-05-19 14:16:07 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-05-19 18:36:35 +0000

    mail-mta/netqmail-1.06-r13: revbump for CVE-2005-1513, CVE-2005-1514, CVE-2005-1515
    
    Bug: https://bugs.gentoo.org/721566
    Signed-off-by: Rolf Eike Beer <kde@opensource.sf-tec.de>
    Closes: https://github.com/gentoo/gentoo/pull/15881
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 .../files/netqmail-1.06-CVE-2005-1513.patch        |  66 ++++++
 .../files/netqmail-1.06-CVE-2005-1514.patch        |  39 ++++
 .../files/netqmail-1.06-CVE-2005-1515.patch        |  64 ++++++
 .../netqmail/files/netqmail-1.06-overflows.patch   | 223 +++++++++++++++++++++
 mail-mta/netqmail/netqmail-1.06-r13.ebuild         | 203 +++++++++++++++++++
 5 files changed, 595 insertions(+)

Comment 11 Rolf Eike Beer 2020-05-19 19:15:32 UTC

Arches, please stabilize.

Comment 12 Sergei Trofimovich (RETIRED) 2020-05-22 08:21:22 UTC

ppc64 stable

Comment 13 Sergei Trofimovich (RETIRED) 2020-05-25 09:45:05 UTC

ppc stable

Comment 14 Agostino Sarubbo 2020-06-03 18:42:51 UTC

arm stable

Comment 15 Agostino Sarubbo 2020-06-04 06:36:55 UTC

x86 stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.

Comment 16 Larry the Git Cow 2020-06-04 14:10:50 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9748e68401dcb7e3059f3dc2640b770707b2d43a

commit 9748e68401dcb7e3059f3dc2640b770707b2d43a
Author:     Rolf Eike Beer <eike@sf-mail.de>
AuthorDate: 2020-06-04 06:55:22 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2020-06-04 14:10:38 +0000

    mail-mta/netqmail: drop vulnerable
    
    Bug: https://bugs.gentoo.org/721566
    Signed-off-by: Rolf Eike Beer <eike@sf-mail.de>
    Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>

 mail-mta/netqmail/netqmail-1.06-r12.ebuild | 199 -----------------------------
 1 file changed, 199 deletions(-)

Comment 17 GLSAMaker/CVETool Bot 2020-07-26 23:28:57 UTC

This issue was resolved and addressed in
 GLSA 202007-01 at https://security.gentoo.org/glsa/202007-01
by GLSA coordinator Sam James (sam_c).