Steffen Joeris
2010-Feb-03 17:12 UTC
[Secure-testing-team] Bug#568291: possible buffer overflows
Package: libgmime-2.0-2a
Severity: grave
Tags: security patch

Hi

GMime upstream has released latest 2.4.15 [1] version of the library fixing one security issue. From 2.4.15-changes [2] file:

2010-01-31 Jeffrey Stedfast <fejj at novell.com>

* gmime/gmime-encodings.h (GMIME_UUENCODE_LEN): Fixed to prevent possible buffer overflows.

The vulnerable code seems to be in gmime/gmime-utils.h, I've attached upstream's patch for your convenience, but I did not have a deeper look at the buffer sizes, so it is unchecked.

stable is also affected and would need to be fixed as well I guess. Please contact the security team (team at security.debian.org), if you've checked the patch and have packages ready for lenny.

Thanks in advance.

Cheers
Steffen

References:
[1] http://ftp.gnome.org/pub/GNOME/sources/gmime/2.4/
[2] http://ftp.gnome.org/pub/GNOME/sources/gmime/2.4/gmime-2.4.15.changes
[3] http://ftp.gnome.org/pub/GNOME/sources/gmime/2.4/gmime-2.4.14-2.4.15.diff.gz
[4] http://secunia.com/advisories/38459/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: gmime.patch
Type: text/x-diff
Size: 2224 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20100203/58b337f7/attachment.patch>