Summary: | <mail-filter/postsrsd-1.10: specially crafted SRS address could cause dos (CVE-2020-35573) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | djc |
Priority: | Normal | Flags: | nattka:
sanity-check-
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/roehling/postsrsd/commit/4733fb11f6bec6524bb8518c5e1a699288c26bac | ||
Whiteboard: | B3 [glsa+ cve] | ||
Package list: |
mail-filter/postsrsd-1.10
|
Runtime testing required: | --- |
Description
Sam James
2020-12-20 05:51:12 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a91026aa9742129fd7d2fddfa491a11fb6dad2fb commit a91026aa9742129fd7d2fddfa491a11fb6dad2fb Author: Dirkjan Ochtman <djc@gentoo.org> AuthorDate: 2020-12-20 19:25:13 +0000 Commit: Dirkjan Ochtman <djc@gentoo.org> CommitDate: 2020-12-20 19:25:38 +0000 mail-filter/postsrsd: bump to 1.10 to fix CVE-2020-35573 Bug: https://bugs.gentoo.org/760821 Package-Manager: Portage-3.0.9, Repoman-3.0.2 Signed-off-by: Dirkjan Ochtman <djc@gentoo.org> mail-filter/postsrsd/Manifest | 1 + mail-filter/postsrsd/postsrsd-1.10.ebuild | 35 +++++++++++++++++++++++++++++++ 2 files changed, 36 insertions(+) Thanks for the quick bump djc! x86 stable amd64 done all arches done Please cleanup The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=09b8f71a2bea30bd2ef3dfef0777d7da50ea1bfa commit 09b8f71a2bea30bd2ef3dfef0777d7da50ea1bfa Author: Dirkjan Ochtman <djc@gentoo.org> AuthorDate: 2020-12-22 20:26:25 +0000 Commit: Dirkjan Ochtman <djc@gentoo.org> CommitDate: 2020-12-22 20:26:42 +0000 mail-filter/postsrsd: remove vulnerable version 1.6 Bug: https://bugs.gentoo.org/show_bug.cgi?id=760821 Package-Manager: Portage-3.0.9, Repoman-3.0.2 Signed-off-by: Dirkjan Ochtman <djc@gentoo.org> mail-filter/postsrsd/Manifest | 1 - mail-filter/postsrsd/postsrsd-1.6.ebuild | 35 -------------------------------- 2 files changed, 36 deletions(-) Thank you! GLSA Vote: Yes New GLSA request filed. Unable to check for sanity:
> no match for package: mail-filter/postsrsd-1.10
This issue was resolved and addressed in GLSA 202107-08 at https://security.gentoo.org/glsa/202107-08 by GLSA coordinator John Helmert III (ajak). |