Bug 450780

Summary: Email messages with UIDs bigger than 2^31 are unreadable via SquirrelMail
Product: Red Hat Enterprise Linux 5 Reporter: J Robinson <jrobinson852>
Component: squirrelmailAssignee: Michal Hlavinka <mhlavink>
Status: CLOSED ERRATA QA Contact: qe-baseos-daemons
Severity: medium Docs Contact:
Priority: low    
Version: 5.4CC: asersen, azelinka, dmair, ovasik, tao
Target Milestone: rc   
Target Release: ---   
Hardware: i386   
OS: Linux   
URL: http://sourceforge.net/tracker/index.php?func=detail&aid=1855717&group_id=311&atid=100311
Whiteboard:
Fixed In Version: squirrelmail-1.4.8-19.el5 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-01-08 04:57:47 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 743405    
Attachments:
Description Flags
don't convert uid to int, keep it as string none

Description J Robinson 2008-06-10 22:28:34 UTC 
+++ This bug was initially created as a clone of Bug #434987 +++

Description of problem:

Email messages with UIDs bigger than 2^31 are unreadable through squirrelmail.

Version-Release number of selected component (if applicable):

dovecot-0.99.11-8.EL4
squirrelmail-1.4.8-4.0.1.el4

How reproducible:

Try to view a message with a UID larger than 2^31.

Steps to Reproduce:
1.Configure squirrelmail to show messages from dovecot using mbox-format
mailboxes via IMAP.
2.Generate a message UID larger than 2^31 via X-UID, X-IMAPbase, X-IMAP or 
Message-ID:  headers. 
3.View the mailbox in squirrelmail. All messages will show up in mailbox view.
4.Click to see a message with a large id. 

Actual results:

You'll get the error ""The server couldn't find the message you requested. Most
probably your message list was out of date and the message has been moved away
or deleted (perhaps by another program accessing the same mailbox)." 

Expected results:

View content of clicked message.

Additional info:

This has caused multiple mailboxes to become completely unreadable via
SquirrelMail on my long-running RHEL 4 setup, as all received email messages are
created with message UIDs larger than 2^31.

Apparently dovecot 1.0 is far less likely to provide message UIDs larger than
2^31.  The core of the problem in squirrelmail seems to be that it handles
message UIDs as numbers, which causes them to be cast to signed integers.
Comment 1 J Robinson 2008-06-10 22:29:19 UTC 
Still occurs with RHEL5 & dovecot-1.0-1.2.rc15.el5
Comment 3 Michal Hlavinka 2009-02-03 09:21:39 UTC 
Created attachment 330718 [details]
don't convert uid to int, keep it as string

patch has been send upstream:
>> so I wonder what's the destiny of the 1.4 patch?
>
> It will continue to be available in our tracker for people who want
> it, and depending on feedback and team opinions based on how popular
> it is, we may decide at some time in the future that the changes in
> the (stable) code are worth adding.
Comment 4 RHEL Program Management 2009-03-26 17:06:05 UTC 
This request was evaluated by Red Hat Product Management for
inclusion, but this component is not scheduled to be updated in
the current Red Hat Enterprise Linux release. If you would like
this request to be reviewed for the next minor release, ask your
support representative to set the next rhel-x.y flag to "?".
Comment 10 RHEL Program Management 2010-08-09 18:21:18 UTC 
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 12 RHEL Program Management 2011-01-11 20:23:37 UTC 
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 13 RHEL Program Management 2011-01-12 15:11:20 UTC 
This request was erroneously denied for the current release of
Red Hat Enterprise Linux.  The error has been fixed and this
request has been re-proposed for the current release.
Comment 14 RHEL Program Management 2011-05-31 13:21:33 UTC 
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 15 RHEL Program Management 2011-09-23 00:12:17 UTC 
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 24 errata-xmlrpc 2013-01-08 04:57:47 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0126.html