Your message dated Wed, 12 Jan 2005 22:40:14 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Fixed upstream
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 3 Nov 2003 18:30:05 +0000
>From [EMAIL PROTECTED] Mon Nov 03 12:30:04 2003
Return-path: <[EMAIL PROTECTED]>
Received: from hirsch.in-berlin.de [192.109.42.6]
by master.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1AGjSm-0000PC-00; Mon, 03 Nov 2003 12:30:04 -0600
X-Envelope-From: [EMAIL PROTECTED]
X-Envelope-To: <[EMAIL PROTECTED]>
Received: from hirsch.in-berlin.de (localhost [127.0.0.1])
by hirsch.in-berlin.de (8.12.10/8.12.10/Debian-4) with ESMTP id
hA3IU2Ra027886
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT)
for <[EMAIL PROTECTED]>; Mon, 3 Nov 2003 19:30:02 +0100
Received: from myrkr.in-berlin.de ([EMAIL PROTECTED])
by hirsch.in-berlin.de (8.12.10/8.12.10/Debian-4) with BSMTP id
hA3IU2jW027884
for [EMAIL PROTECTED]; Mon, 3 Nov 2003 19:30:02 +0100
Received: from torsten by myrkr.in-berlin.de with local (Exim 4.22 #1 (Debian))
id 1AGjQj-0001za-48
for <[EMAIL PROTECTED]>; Mon, 03 Nov 2003 19:27:57 +0100
To: [EMAIL PROTECTED]
Subject: [PATCH] Bug in AMAVIS::Extract::RAR prevents rar archive being
scanned
From: Torsten Hilbrich <[EMAIL PROTECTED]>
X-Face: &h3VJ.Wf$"FwQv&ybX66{lt4*Mo%#kP6^"eU?7~UHhgF6l7)UB0f~g'}64W-b{tK1Jyh)^!
%sc(cpH%Yv}bh"VwaJ>>!Kv*k4EJn^Lt[X|f<
Date: Mon, 03 Nov 2003 19:27:57 +0100
Message-ID: <[EMAIL PROTECTED]>
User-Agent: Gnus/5.1003 (Gnus v5.10.3) Emacs/21.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Scanned-By: MIMEDefang 2.37
Delivered-To: [EMAIL PROTECTED]
X-Spam-Status: No, hits=-8.9 required=4.0
tests=BAYES_20,HAS_PACKAGE,PATCH_UNIFIED_DIFF
autolearn=ham version=2.53-bugs.debian.org_2003_11_03
X-Spam-Level:
X-Spam-Checker-Version: SpamAssassin 2.53-bugs.debian.org_2003_11_03
(1.174.2.15-2003-03-30-exp)
Package: amavis-ng
Version: 0.1.6.5-1
Note: I reported this bug upstream 3 month ago, without any reaction
yet.
While doing a thorough evaluation of Amavis-ng for using it in a
larger installation I noticed that the eicar test virus was not found
when being part of a rar archive. After doing some checking I found
the bug in the AMAVIS::Extract::RAR modules (Id: RAR.pm,v 1.10
2003/03/31 06:06:35 bengen Exp).
Here is the patch first:
$ diff -u RAR.pm.orig RAR.pm
--- RAR.pm.orig 2003-08-09 08:39:54.000000000 +0200
+++ RAR.pm 2003-08-09 08:40:18.000000000 +0200
@@ -46,7 +46,7 @@
my @list;
# Get listing
- my $output_handle = cmd_pipe($args, $cfg_unrar_binary, '-inul', 'v',
+ my $output_handle = cmd_pipe($args, $cfg_unrar_binary, 'v',
"$$args{'directory'}/parts/$filename");
while(<$output_handle>) {
last if /^------.*/;
The -inul option will prevent any output from the view command:
$ unrar -inul v test.rar
$ unrar v test.rar
UNRAR 3.10 freeware Copyright (c) 1993-2002 Eugene Roshal
Archive test.rar
Pathname/Comment
Size Packed Ratio Date Time Attr CRC Meth Ver
-------------------------------------------------------------------------------
test.txt
0 8 0% 09-08-03 08:30 -rw-r--r-- 00000000 m3b 2.9
-------------------------------------------------------------------------------
1 0 8 0%
I tested this behaviour with the versions 3.10, 3.0 and 2.71 of unrar.
This makes amavis into thinking the archive is empty and not scanning
it. Quite dangerous for a virus scanner.
The patch removes the -inul option and the eicar test virus is found.
Torsten
---------------------------------------
Received: (at 218987-done) by bugs.debian.org; 12 Jan 2005 21:40:13 +0000
>From [EMAIL PROTECTED] Wed Jan 12 13:40:13 2005
Return-path: <[EMAIL PROTECTED]>
Received: from mail.cobolt.net (mustang.cobolt.net) [213.180.160.231]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CoqDs-0000Lu-00; Wed, 12 Jan 2005 13:40:12 -0800
Received: from pd95ec6de.dip.t-dialin.net ([217.94.198.222]
helo=turtle.linuxia.de)
by mustang.cobolt.net with asmtp (Exim 3.35 #1 (Debian))
id 1CoqCZ-0001d5-00; Wed, 12 Jan 2005 22:38:51 +0100
Date: Wed, 12 Jan 2005 22:40:14 +0100
From: Stefan Hornburg <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Fixed upstream
Message-Id: <[EMAIL PROTECTED]>
Organization: LinuXia Systems
X-Mailer: Sylpheed version 1.0.0beta3 (GTK+ 1.2.10; i386-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Virus-Scanned-By: AMaViS-ng with CLAMD on mustang.cobolt.net
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-2.0 required=4.0 tests=BAYES_01 autolearn=no
version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Hello,
this bug has been fixed in amavis-ng 0.1.6.6.
Thanks
Racke
--
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
