Package: mailscanner
Status: install ok installed
Priority: optional
Section: mail
Installed-Size: 5700
Maintainer: Matthias Klose <[EMAIL PROTECTED]>
Architecture: all
Version: 4.41.3-2
Depends: exim4 | mail-transport-agent, spamassassin (>= 2.11), unzip,
ncftp | wget, ucf (>= 1.08), perl (>= 5.8.4), libarchive-zip-perl (>=
1.14), libconvert-tnef-perl, libhtml-parser-perl, libmime-perl (>=
5.414), libnet-cidr-perl, libcompress-zlib-perl (>= 1.33),
libconvert-binhex-perl
Pre-Depends: debconf (>= 0.5.00)
Recommends: tnef (>= 1.1.1)
Suggests: clamav, f-prot-installer, libnet-ldap-perl, unrar-nonfree
Conflicts: exim4-base (<< 4.30-3)
Severity: important

Details:

The version of Mailscanner released with Sarge is vulnerable to the
"Empty MIME Boundary" bypass. It's possible that a virus or other
malware could bypass the AV scanner and other policy checks made by
MailScanner.

This has been fixed upstream in 4.42.9.

Please could you change the boundary test block in Message.pm line 1273
to the fixed version (included below)?

  # -------------------------------
  # If the MIME boundary exists and is "" then remove the entire message.
  # The top level must be multipart/mixed
  if ($entity->head) {
    if ($entity->is_multipart || $entity->head->mime_type =~ /^multipart/i) {
      my $boundary = $entity->head->multipart_boundary;
      #print STDERR "Boundary is \"$boundary\"\n";
      if ($boundary eq "" || $boundary eq "\"\"" || $boundary =~ /^\s/) {
        my $cantparse = MailScanner::Config::LanguageValue($this,
                                                           'cantanalyze');
        $this->{allreports}{""} .= "$mailscannername: $cantparse\n";
        $this->{alltypes}{""} .= 'c';
        $this->{otherinfected}++;
        #print STDERR "Found error\n";
      }
    }
  }

Thanks,

Mark
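
The same boundary test as a stand-alone check, written here as an added example in Python (it is not MailScanner code and is not part of the report above). It parses only the header section, so the verdict does not depend on how a particular MIME library copes with a body it cannot split; the treatment of a missing boundary parameter as unusable is an assumption of this example.

```python
import re
from email.parser import HeaderParser


def boundary_is_bad(boundary):
    """Mirror the patched Message.pm test: reject an empty boundary, a
    boundary that is literally "" (for parsers that hand back the quotes
    verbatim), or one that begins with whitespace. A missing parameter is
    treated the same way here (assumption of this example)."""
    if boundary is None:
        return True
    return boundary == "" or boundary == '""' or re.match(r"\s", boundary) is not None


def check_mime_boundary(raw_message):
    """Classify a raw RFC 822 message. Returns (flagged, reason).

    A flagged message is what MailScanner records as 'cantanalyze' and counts
    under otherinfected: it is held rather than passed on, because a scanner
    that cannot split the body cannot inspect the parts a recipient's mail
    client may still render."""
    msg = HeaderParser().parsestr(raw_message)   # headers only, body untouched
    if msg.get_content_maintype() != "multipart":
        return (False, "not multipart")
    # get_param() unquotes the value: boundary="" becomes '' and " x" becomes ' x'
    boundary = msg.get_param("boundary")
    if boundary_is_bad(boundary):
        return (True, "cantanalyze: unusable boundary %r" % (boundary,))
    return (False, "boundary ok")


# Constructed sample messages (not real traffic).
GOOD = (
    "From: sender@example.test\r\n"
    "Content-Type: multipart/mixed; boundary=\"part1\"\r\n"
    "\r\n--part1\r\nContent-Type: text/plain\r\n\r\nhi\r\n--part1--\r\n"
)
EMPTY = GOOD.replace('boundary="part1"', 'boundary=""')
LEADING_WS = GOOD.replace('boundary="part1"', 'boundary=" part1"')
PLAIN = "From: sender@example.test\r\nContent-Type: text/plain\r\n\r\nhi\r\n"

if __name__ == "__main__":
    for name, raw in [("good", GOOD), ("empty", EMPTY),
                      ("leading-ws", LEADING_WS), ("plain", PLAIN)]:
        print(name, check_mime_boundary(raw))
```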
