Package: mailscanner Status: install ok installed Priority: optional Section: mail Installed-Size: 5700 Maintainer: Matthias Klose <[EMAIL PROTECTED]> Architecture: all Version: 4.41.3-2 Depends: exim4 | mail-transport-agent, spamassassin (>= 2.11), unzip, ncftp | wget, ucf (>= 1.08), perl (>= 5.8.4), libarchive-zip-perl (>= 1.14), libconvert-tnef-perl, libhtml-parser-perl, libmime-perl (>= 5.414), libnet-cidr-perl, libcompress-zlib-perl (>= 1.33), libconvert-binhex-perl Pre-Depends: debconf (>= 0.5.00) Recommends: tnef (>= 1.1.1) Suggests: clamav, f-prot-installer, libnet-ldap-perl, unrar-nonfree Conflicts: exim4-base (<< 4.30-3) Severity: important
Details: The version of Mailscanner released with Sarge is vulnerable to the "Empty MIME Boundary" bypass. It's possible that a virus or other malware could bypass the AV scanner and other policy checks made by MailScanner. This has been fixed upstream in 4.42.9 Please could you change the boundary test block in Message.pm line 1273: to the fixed version ( included below )? # ------------------------------- # If the MIME boundary exists and is "" then remove the entire message. # The top level must be multipart/mixed if ($entity->head) { if ($entity->is_multipart || $entity->head->mime_type =~ /^multipart/i) { my $boundary = $entity->head->multipart_boundary; #print STDERR "Boundary is \"$boundary\"\n"; if ($boundary eq "" || $boundary eq "\"\"" || $boundary =~ /^\s/) { my $cantparse = MailScanner::Config::LanguageValue($this, 'cantanalyze'); $this->{allreports}{""} .= "$mailscannername: $cantparse\n"; $this->{alltypes}{""} .= 'c'; $this->{otherinfected}++; #print STDERR "Found error\n"; } } } Thanks, Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]