Hi It's not completely clear to me. If I understand things correctly, this patch makes it possible for amavisd to detect the RIFF ani exploit. But I asume a entry in amavisd.conf is nessecary for blocking this. What option to amavisd.conf should be added to block the RIFF ani exploit?
John "Mark Martinec" <[EMAIL PROTECTED]> schreef in bericht news:[EMAIL PROTECTED] > Henrik, > >> Hi, as we know there is ANI-file cursor exploit going on.. >> http://www.kb.cert.org/vuls/id/191609 >> >> I patched my amavis pre3 to find those files. As I can see, >> there is no easy way to add own magic-signatures in addition >> to the default ones? Perhaps there could be some option? > > The $map_full_type_to_short_type_re is accessible from amavisd.conf, > one can assign a substitute list to it, or modify entries of the > existing default list. The easiest would be to append or prepend > entries to the list, but since the order matters, this is more > likely than not the best place for some new entry. > >> + [qr/^RIFF\b.*\banimated cursor\b/ =>['movie','ani'] ], > > Thanks, I'll add it to 2.5.0. > > Mark > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share > your > opinions on IT & business topics through brief surveys-and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ > AMaViS-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/amavis-user > AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 > AMaViS-HowTos:http://www.amavis.org/howto/ > ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
