Colin Leroy has found three buffer overflows in Sylpheed and Sylpheed-Claws.
They are locally exploitable and could allow execution of code as the
One of them is in the LDIF importer, accessible from the Addressbook
(Tools menu). If the chosen file has a line longer than 2047 chars,
sylpheed(-claws) will segfault because the program will try to write
after the end of a 2048 chars static buffer. I don't know if this can
The other two are similar and concern only Sylpheed-Claws. They happen
in the Mutt and Pine addressbook importers found in the same place, and
the problem is the same.
Sylpheed: from 0.6.4 to 2.0.3 (stable), 2.1.5 (development), 1.0.5 (old)
Sylpheed-Claws: from 0.6.4 to 1.9.99 (included)
Sylpheed: >= 2.0.4 (stable), 2.1.6 (development), 1.0.6 (old)
Sylpheed-Claws: >= 1.9.100
This is semi-public, meaning it's not been announced yet but can be found in
upstream CVS. We are free to commit new releases to Portage.
hattya: we should add the following fixed versions :
genone: for sylpheed-claws, we might need to backport the fix for our 1.0.5
stable line, as only 1.9.100 is released to fix. These are the patches for
*** Bug 111872 has been marked as a duplicate of this bug. ***
Now completely public, please patch.
will do what I can at the weekend (I'm currently pretty busy during the week),
hopefully the patch for 1.0.5 shouldn't be tricky. The 1.9 branch might take a
bit longer as it also requires updated plugins (this is why .99 is still p.masked).
Ok, committed a 1.0.5-r1 as ~arch and a p.masked 1.9.100 (due to broken plugins).
*** Bug 112198 has been marked as a duplicate of this bug. ***
Sylpheed 2.0.4 and 2.1.6 are in CVS.
Sylpheed-claws-1.9.100 unmasked as of a few minutes ago. All that remains to do
for -claws is marking 1.0.5-r1 stable.
arches, please test and mark stable if possible:
target keywords: "alpha amd64 hppa ia64 ppc ~ppc64 sparc x86"
target keywords: "alpha amd64 ppc ppc64 sparc x86"
marked both ppc64 stable.
ppc and hppa done.
SPARCy SPARC and the stable bunch
marked both stable on alpha.
x86 is feeling a bit of those good vibrations, too...
sylpheed doesn't like it when you don't give true settings, it hangs when you
try to set up an account for dev.g.o on port 143... it hangs and you have to
kill it. however, 2.0.1 has the same behaviour, so this gets the amd64 keyword
both marked stable on amd64
ia64 should mark stable to benefit from GLSA