Bug 450780 - Email messages with UIDs bigger than 2^31 are unreadable via SquirrelMail
Email messages with UIDs bigger than 2^31 are unreadable via SquirrelMail
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: squirrelmail (Show other bugs)
5.4
i386 Linux
low Severity medium
: rc
: ---
Assigned To: Michal Hlavinka
qe-baseos-daemons
http://sourceforge.net/tracker/index....
:
Depends On:
Blocks: 743405
  Show dependency treegraph
 
Reported: 2008-06-10 18:28 EDT by J Robinson
Modified: 2013-01-07 23:57 EST (History)
5 users (show)

See Also:
Fixed In Version: squirrelmail-1.4.8-19.el5
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-01-07 23:57:47 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
don't convert uid to int, keep it as string (7.25 KB, patch)
2009-02-03 04:21 EST, Michal Hlavinka
no flags Details | Diff

  None (edit)
Description J Robinson 2008-06-10 18:28:34 EDT
+++ This bug was initially created as a clone of Bug #434987 +++

Description of problem:

Email messages with UIDs bigger than 2^31 are unreadable through squirrelmail.

Version-Release number of selected component (if applicable):

dovecot-0.99.11-8.EL4
squirrelmail-1.4.8-4.0.1.el4

How reproducible:

Try to view a message with a UID larger than 2^31.

Steps to Reproduce:
1.Configure squirrelmail to show messages from dovecot using mbox-format
mailboxes via IMAP.
2.Generate a message UID larger than 2^31 via X-UID, X-IMAPbase, X-IMAP or 
Message-ID:  headers. 
3.View the mailbox in squirrelmail. All messages will show up in mailbox view.
4.Click to see a message with a large id. 

Actual results:

You'll get the error ""The server couldn't find the message you requested. Most
probably your message list was out of date and the message has been moved away
or deleted (perhaps by another program accessing the same mailbox)." 

Expected results:

View content of clicked message.

Additional info:

This has caused multiple mailboxes to become completely unreadable via
SquirrelMail on my long-running RHEL 4 setup, as all received email messages are
created with message UIDs larger than 2^31.

Apparently dovecot 1.0 is far less likely to provide message UIDs larger than
2^31.  The core of the problem in squirrelmail seems to be that it handles
message UIDs as numbers, which causes them to be cast to signed integers.
Comment 1 J Robinson 2008-06-10 18:29:19 EDT
Still occurs with RHEL5 & dovecot-1.0-1.2.rc15.el5
Comment 3 Michal Hlavinka 2009-02-03 04:21:39 EST
Created attachment 330718 [details]
don't convert uid to int, keep it as string

patch has been send upstream:
>> so I wonder what's the destiny of the 1.4 patch?
>
> It will continue to be available in our tracker for people who want
> it, and depending on feedback and team opinions based on how popular
> it is, we may decide at some time in the future that the changes in
> the (stable) code are worth adding.
Comment 4 RHEL Product and Program Management 2009-03-26 13:06:05 EDT
This request was evaluated by Red Hat Product Management for
inclusion, but this component is not scheduled to be updated in
the current Red Hat Enterprise Linux release. If you would like
this request to be reviewed for the next minor release, ask your
support representative to set the next rhel-x.y flag to "?".
Comment 10 RHEL Product and Program Management 2010-08-09 14:21:18 EDT
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 12 RHEL Product and Program Management 2011-01-11 15:23:37 EST
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 13 RHEL Product and Program Management 2011-01-12 10:11:20 EST
This request was erroneously denied for the current release of
Red Hat Enterprise Linux.  The error has been fixed and this
request has been re-proposed for the current release.
Comment 14 RHEL Product and Program Management 2011-05-31 09:21:33 EDT
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 15 RHEL Product and Program Management 2011-09-22 20:12:17 EDT
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 24 errata-xmlrpc 2013-01-07 23:57:47 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0126.html

Note You need to log in before you can comment on or make changes to this bug.