Created attachment 433902
Ends logwatch report with a trailing CRLF

Description of problem:
ssmtp is disclosing uninitialized memory. The workaround is to end body with trailing newline character. This has been reported in numerous other places, including here: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506188

Version-Release number of selected component (if applicable):
2.61 - 14.fc13

How reproducible:
Send mail without a trailing CRLF (Logwatch does that)

Steps to Reproduce:
1. install and configure ssmtp
2. run "logwatch"

Actual results:
Garbage at end of mail.

Expected results:
No garbage.

Additional info:
CVE-2008-3962, https://bugs.gentoo.org/234391, ...
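The workaround named in the report (make sure the body ends with a newline) can be applied as a filter in front of the mailer. This is an added example, not part of the original report and not ssmtp or logwatch code; the function names and the `generate_report` command in the usage comment are hypothetical.

```shell
#!/bin/sh
# Added example: guarantee that a message ends with a newline before it
# is handed to /usr/sbin/ssmtp, as the workaround in the report describes.

# needs_newline FILE
# Exit status 0 when FILE is empty or its last byte is not "\n" (0x0a).
# The last byte is inspected as hex so NUL and other binary bytes are
# handled correctly (shell command substitution would drop them).
needs_newline() {
    last=$(tail -c 1 "$1" | od -An -tx1 | tr -d ' \n')
    [ "$last" != "0a" ]
}

# terminate_message
# Copy stdin to stdout unchanged, then append a single "\n" only if the
# input did not already end with one.
terminate_message() {
    tmp=$(mktemp) || return 1
    cat > "$tmp"
    cat "$tmp"
    if needs_newline "$tmp"; then
        printf '\n'
    fi
    rm -f "$tmp"
}

# Usage (generate_report and the recipient are placeholders):
#   generate_report | terminate_message | /usr/sbin/ssmtp recipient@example.org
```

The filter only masks the symptom on unpatched hosts; the packages later in this thread carry the actual fix.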
In addition to the above, I can also see garbage at the end of the email when running the following perl script: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506188#5

Some more system information:

sha1sum /usr/sbin/ssmtp
f8963dcad905f74b4a8201b5644f5c26a013cee5 /usr/sbin/ssmtp

uname -r
2.6.33.6-147.fc13.x86_64

rpm -qi ssmtp
Name : ssmtp Relocations: (not relocatable)
Version : 2.61 Vendor: Fedora Project
Release : 14.fc13 Build Date: mar. 20 avril 2010 02:48:09 IST
Install Date: lun. 26 juil. 2010 18:04:50 IST Build Host: x86-06.phx2.fedoraproject.org
Group : Applications/Internet Source RPM: ssmtp-2.61-14.fc13.src.rpm
Size : 95007 License: GPLv2+
Signature : RSA/SHA256, mar. 20 avril 2010 03:24:33 IST, Key ID 7edc6ad6e8e40fde
Packager : Fedora Project
URL : http://packages.debian.org/stable/mail/ssmtp

ldd /usr/sbin/ssmtp
linux-vdso.so.1 => (0x00007fffc4f55000)
libssl.so.10 => /usr/lib64/libssl.so.10 (0x0000003417400000)
libcrypto.so.10 => /lib64/libcrypto.so.10 (0x0000003415400000)
libc.so.6 => /lib64/libc.so.6 (0x000000340a000000)
libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x0000003417000000)
libkrb5.so.3 => /lib64/libkrb5.so.3 (0x0000003416c00000)
libcom_err.so.2 => /lib64/libcom_err.so.2 (0x0000003415800000)
libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x0000003416000000)
libdl.so.2 => /lib64/libdl.so.2 (0x000000340a400000)
libz.so.1 => /lib64/libz.so.1 (0x000000340b000000)
/lib64/ld-linux-x86-64.so.2 (0x0000003409800000)
libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x0000003416400000)
libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x0000003415c00000)
libresolv.so.2 => /lib64/libresolv.so.2 (0x000000340bc00000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x000000340a800000)
libselinux.so.1 => /lib64/libselinux.so.1 (0x0000003409c00000)

Please ask for any additional details / tests to perform.
Thanks for the link to the reproducer. The funny part is that the older version (ssmtp-2.61-11.8.el5) does not exhibit the problem. The "patched" version... does.
Marc, could you please test the new package, available as scratch build at http://koji.fedoraproject.org/koji/taskinfo?taskID=2353632 ? I'd like to see it tested before pushing the changes into the stable branches of Fedora. TIA.
(In reply to comment #3)
> Marc, could you please test the new package, available as scratch build at
> http://koji.fedoraproject.org/koji/taskinfo?taskID=2353632 ?

This scratch build does fix the problem for me.
Great, thanks a lot. Look for the official packages in a while, I'll schedule the builds now.
ssmtp-2.61-15.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/ssmtp-2.61-15.fc13
ssmtp-2.61-15.el5 has been submitted as an update for Fedora EPEL 5. http://admin.fedoraproject.org/updates/ssmtp-2.61-15.el5
ssmtp-2.61-15.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/ssmtp-2.61-15.fc12
ssmtp-2.61-15.el4 has been submitted as an update for Fedora EPEL 4. http://admin.fedoraproject.org/updates/ssmtp-2.61-15.el4
ssmtp-2.61-15.el4 has been pushed to the Fedora EPEL 4 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update ssmtp'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/ssmtp-2.61-15.el4
ssmtp-2.61-15.el5 has been pushed to the Fedora EPEL 5 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update ssmtp'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/ssmtp-2.61-15.el5
ssmtp-2.61-15.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update ssmtp'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/ssmtp-2.61-15.fc12
ssmtp-2.61-15.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update ssmtp'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/ssmtp-2.61-15.fc13
ssmtp-2.61-15.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
ssmtp-2.61-15.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
ssmtp-2.61-15.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
ssmtp-2.61-15.el4 has been pushed to the Fedora EPEL 4 stable repository. If problems still persist, please make note of it in this bug report.