Your message dated Mon, 24 Aug 2015 02:40:19 -0700
with message-id <[email protected]>
has caused the report #795937,
regarding mairix: stack smash in make_nvp
to be marked as having been forwarded to the upstream software
author(s) [email protected]
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
795937: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795937
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Greetings!
Here's an upstream mairix bug you have probably already seen in the PR
in github. I'll probably fix this in Debian soon.
Later,
Mako
--
Benjamin Mako Hill
http://mako.cc/
Creativity can be a social contribution, but only in so far
as society is free to use the results. --GNU Manifesto
--- Begin Message ---
Package: mairix
Version: 0.23+git20131125-0.3
Severity: important
Tags: patch
Dear Maintainer,
Mairix has, at its core, a name/value pair scheme which assumes names and
values cannot exceed 256 bytes in length.
There was a semi-active bug which ended up with a 4k limit instead of a 256
byte limit, but instead I have submitted a PR which sizes the buffers
dynamically with input at https://github.com/rc0/mairix/pull/17
It makes sense to apply this to the mairix package and then, ideally, to submit
for a backport to jessie as currently in jessie I am unable to index my mail
archive without the above patch.
D.
-- System Information:
Debian Release: 8.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages mairix depends on:
ii libbz2-1.0 1.0.6-7+b3
ii libc6 2.19-18
ii zlib1g 1:1.2.8.dfsg-2+b1
mairix recommends no packages.
mairix suggests no packages.
-- no debconf information
--- End Message ---
signature.asc
Description: Digital signature
--- End Message ---
