[Bug 216591] Re: [CVE-2008-1648] denial of service via crafted Content-Type header
** Branch linked: lp:ubuntu/karmic/sympa -- [CVE-2008-1648] denial of service via crafted Content-Type header https://bugs.launchpad.net/bugs/216591 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 216591] Re: [CVE-2008-1648] denial of service via crafted Content-Type header
** Branch linked: lp:ubuntu/gutsy-updates/sympa -- [CVE-2008-1648] denial of service via crafted Content-Type header https://bugs.launchpad.net/bugs/216591 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 216591] Re: [CVE-2008-1648] denial of service via crafted Content-Type header
Please close for Feisty as Won't Fix? This goes for all the other Feisty bugs. -- [CVE-2008-1648] denial of service via crafted Content-Type header https://bugs.launchpad.net/bugs/216591 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 216591] Re: [CVE-2008-1648] denial of service via crafted Content-Type header
** Changed in: sympa (Ubuntu Feisty) Status: Confirmed = Won't Fix -- [CVE-2008-1648] denial of service via crafted Content-Type header https://bugs.launchpad.net/bugs/216591 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 216591] Re: [CVE-2008-1648] denial of service via crafted Content-Type header
** Changed in: sympa (Ubuntu Gutsy) Status: In Progress = Fix Released -- [CVE-2008-1648] denial of service via crafted Content-Type header https://bugs.launchpad.net/bugs/216591 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 216591] Re: [CVE-2008-1648] denial of service via crafted Content-Type header
Fix synced by debian. POC available here: http://sourcesup.cru.fr/tracker/?func=detailgroup_id=23aid=3702atid=167 Tested on gutsy x86. -- [CVE-2008-1648] denial of service via crafted Content-Type header https://bugs.launchpad.net/bugs/216591 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 216591] Re: [CVE-2008-1648] denial of service via crafted Content-Type header
Thanks for the gutsy debdiff! Can you post your testing for gutsy? Once that is done I can push these out. -- [CVE-2008-1648] denial of service via crafted Content-Type header https://bugs.launchpad.net/bugs/216591 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 216591] Re: [CVE-2008-1648] denial of service via crafted Content-Type header
Ubuntu Edgy Eft is no longer supported, so a SRU will not be issued for this release. Marking Edgy as Won't Fix. ** Changed in: sympa (Ubuntu Edgy) Status: New = Won't Fix -- [CVE-2008-1648] denial of service via crafted Content-Type header https://bugs.launchpad.net/bugs/216591 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 216591] Re: [CVE-2008-1648] denial of service via crafted Content-Type header
** Changed in: sympa (Debian) Status: Unknown = Fix Released -- [CVE-2008-1648] denial of service via crafted Content-Type header https://bugs.launchpad.net/bugs/216591 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 216591] Re: [CVE-2008-1648] denial of service via crafted Content-Type header
This bug was fixed in the package sympa - 5.3.4-2ubuntu2 --- sympa (5.3.4-2ubuntu2) hardy; urgency=low * SECURITY UPDATE: (LP: #216591) + fixed src/PlainDigest.pm inline - Sympa before 5.4 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message with a malformed value of the Content-Type header and unspecified other headers. NOTE: some of these details are obtained from third party information. * References + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1648 + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475163 -- Emanuele Gentili [EMAIL PROTECTED] Mon, 14 Apr 2008 08:44:38 +0200 ** Changed in: sympa (Ubuntu Hardy) Status: In Progress = Fix Released -- [CVE-2008-1648] denial of service via crafted Content-Type header https://bugs.launchpad.net/bugs/216591 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 216591] Re: [CVE-2008-1648] denial of service via crafted Content-Type header
motu-release ack for Hardy. -- [CVE-2008-1648] denial of service via crafted Content-Type header https://bugs.launchpad.net/bugs/216591 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 216591] Re: [CVE-2008-1648] denial of service via crafted Content-Type header
** Changed in: sympa (Ubuntu Gutsy) Importance: Undecided = Medium Assignee: (unassigned) = Emanuele Gentili (emgent) Status: Confirmed = In Progress ** Attachment added: gutsy_security_sympa_5.2.4-1.1ubuntu1.1.debdiff http://launchpadlibrarian.net/13417330/gutsy_security_sympa_5.2.4-1.1ubuntu1.1.debdiff -- [CVE-2008-1648] denial of service via crafted Content-Type header https://bugs.launchpad.net/bugs/216591 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 216591] Re: [CVE-2008-1648] denial of service via crafted Content-Type header
ubuntu-universe-sponsor subscribed for hardy upload. -- [CVE-2008-1648] denial of service via crafted Content-Type header https://bugs.launchpad.net/bugs/216591 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 216591] Re: [CVE-2008-1648] denial of service via crafted Content-Type header
** Changed in: sympa (Ubuntu Hardy) Assignee: (unassigned) = Emanuele Gentili (emgent) Status: Confirmed = In Progress ** Attachment added: hardy_sympa_5.3.4-2ubuntu2.debdiff http://launchpadlibrarian.net/13417280/hardy_sympa_5.3.4-2ubuntu2.debdiff -- [CVE-2008-1648] denial of service via crafted Content-Type header https://bugs.launchpad.net/bugs/216591 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs