R. David Murray added the comment:
It has been, see the referenced issue. Now we just need someone to write a
patch.
--
nosy: +r.david.murray
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue16041
Stephen Coulson added the comment:
Broke for me today. Hacked the _MAXLINE to get around it.
I don't see any size limit on multi-line in rfc. Only requirement is
dot-stuffing. I think this fix might need a rethink.
--
nosy: +scoulson
Chris Smowton added the comment:
+1 to the above; suggest this should be rolled back and replaced with a total
message size limit.
--
nosy: +Chris Smowton
Ingo Ruhnke added the comment:
This fix has broken mail retrieval from gmx.de, gmail.com and plenty of
other providers.
It manifests in getmail as:
Retrieval error: server for BrokenUIDLPOP3SSLRetriever:1860...@pop.gmx.net:995
is broken; offered message 239 but failed to provide it.
Roundup Robot added the comment:
New changeset 339f877cca11 by Benjamin Peterson in branch '2.7':
in poplib, limit maximum line length that we read from the network (closes
#16041)
https://hg.python.org/cpython/rev/339f877cca11
--
resolution: -> fixed
stage: patch review -> resolved
Matthias Klose added the comment:
this looks ok to me, can we apply this for 2.7.9?
--
nosy: +doko
Berker Peksag added the comment:
Here is a patch for 2.7.
--
nosy: +berker.peksag
stage: needs patch -> patch review
Added file: http://bugs.python.org/file36970/issue16041_27.diff
Changes by Berker Peksag berker.pek...@gmail.com:
Added file: http://bugs.python.org/file36971/issue16041_27.diff
Changes by Berker Peksag berker.pek...@gmail.com:
Removed file: http://bugs.python.org/file36970/issue16041_27.diff
Changes by Georg Brandl ge...@python.org:
--
versions: -Python 3.1
Roundup Robot added the comment:
New changeset 76be07730f8d by Georg Brandl in branch '3.2':
Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 to
https://hg.python.org/cpython/rev/76be07730f8d
--
Changes by Georg Brandl ge...@python.org:
--
versions: -Python 3.2
Roundup Robot added the comment:
New changeset 68029048c9c6 by Georg Brandl in branch '3.3':
Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 to
http://hg.python.org/cpython/rev/68029048c9c6
--
Georg Brandl added the comment:
Also merged to default.
--
versions: -Python 3.3, Python 3.4
Jyrki Pulliainen added the comment:
Here's a max line length fix for 3.2 (applies on 3.4 too).
I wonder if _getlongresp should have some max length detection too for the max
length of a multiline response.
--
Added file: http://bugs.python.org/file32335/issue16041_py32.patch
Larry Hastings added the comment:
Ping. Please fix before beta 1.
--
Jyrki Pulliainen added the comment:
Added a test for SSL, if SSL is available
--
Added file: http://bugs.python.org/file31923/issue16041_py26_with_ssl.patch
Roundup Robot added the comment:
New changeset 7214e3324a45 by Barry Warsaw in branch '2.6':
- Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 to
http://hg.python.org/cpython/rev/7214e3324a45
--
nosy: +python-dev
Changes by Barry A. Warsaw ba...@python.org:
--
versions: -Python 2.6
Barry A. Warsaw added the comment:
On Sep 30, 2013, at 08:41 PM, Arfrever Frehtes Taifersar Arahesis wrote:
Arfrever Frehtes Taifersar Arahesis added the comment:
New changeset 7214e3324a45 by Barry Warsaw in branch '2.6':
- Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 to
http://hg.python.org/cpython/rev/7214e3324a45
...
--- a/Misc/NEWS
+++ b/Misc/NEWS
...
+- Issue
Jyrki Pulliainen added the comment:
Attached a patch for 2.6.
Due to how tests are in 2.6, this adds one more test case with an evil server,
which basically just returns too long lines.
--
Added file: http://bugs.python.org/file31913/issue16041_py26.patch
Barry A. Warsaw added the comment:
Looks good, although only the POP3 exception is actually tested. The POP3_SSL
exception isn't tested. Any chance you could add a test for that (obviously,
only if `import ssl` succeeds)?
--
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:
--
nosy: +barry
priority: critical -> release blocker
versions: +Python 2.6, Python 3.1
Benjamin Peterson added the comment:
Not blocking 2.7.4 as discussed on mailing list.
--
priority: release blocker -> critical
Jyrki Pulliainen added the comment:
Added functionality that raises error_proto('line too long') if we read over
_MAXLINE characters. Defaults _MAXLINE to 2048. The patch is written on top of
2.7.
--
keywords: +patch
nosy: +nailor
Added file:
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:
--
nosy: +Arfrever
Christian Heimes added the comment:
RFC 1939 says:
Responses in the POP3 consist of a status indicator and a keyword
possibly followed by additional information. All responses are
terminated by a CRLF pair. Responses may be up to 512 characters
long, including the terminating
Christian Heimes added the comment:
CVE-2013-1752 Unbound readline() DoS vulnerabilities in Python stdlib
--
Changes by Christian Heimes li...@cheimes.de:
--
nosy: +benjamin.peterson, georg.brandl, larry
priority: critical -> release blocker
Changes by Giampaolo Rodola' g.rod...@gmail.com:
--
nosy: +giampaolo.rodola
Changes by Christian Heimes li...@cheimes.de:
--
assignee: -> christian.heimes
priority: normal -> critical
stage: -> needs patch
versions: +Python 3.4
New submission from Christian Heimes:
This bug is similar to #16037 and a modified copy of #16038.
The poplib module doesn't limit the amount of read data in its call to
readline(). An erroneous or malicious POP3 server can trick the poplib module
into consuming large amounts of memory.
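Added here as an illustration, not code from poplib or from any patch in this thread: a reduced reader that applies the per-line cap Jyrki's patch describes (_MAXLINE = 2048, raising error_proto('line too long')) and, on top of it, the total-size cap on multi-line responses that Chris Smowton suggests as the alternative. The server replies are constructed inline, and the names getline, getlongresp, fetch_message and _MAXTOTAL are chosen for this example.

```python
import io

_MAXLINE = 2048               # per-line cap the patch introduced (value from the thread)
_MAXTOTAL = 10 * 1024 * 1024  # hypothetical total cap for one multi-line response


class error_proto(Exception):
    """Stand-in for poplib.error_proto (protocol-level failure)."""


def getline(stream, maxline=_MAXLINE):
    """Read one CRLF-terminated line, refusing anything longer than maxline."""
    # Asking for maxline + 1 bytes lets an over-long line be detected rather
    # than silently truncated; a bare LF terminator is tolerated.
    line = stream.readline(maxline + 1)
    if len(line) > maxline:
        raise error_proto('line too long')
    if not line:
        raise error_proto('-ERR EOF')
    if line.endswith(b'\r\n'):
        return line[:-2]
    return line.rstrip(b'\n')


def getlongresp(stream, maxline=_MAXLINE, maxtotal=_MAXTOTAL):
    """Collect a multi-line response up to the lone '.' terminator."""
    # Per-line cap on every line, RFC 1939 dot-unstuffing ('..' at line start),
    # and a bound on the whole response so a server cannot stream an unbounded
    # message body at the client.
    lines, total = [], 0
    while True:
        line = getline(stream, maxline)
        if line == b'.':
            return lines
        if line.startswith(b'..'):
            line = line[1:]
        total += len(line)
        if total > maxtotal:
            raise error_proto('response too large')
        lines.append(line)


def fetch_message(data, maxline=_MAXLINE, maxtotal=_MAXTOTAL):
    """Parse a constructed server reply; (lines, None) or (None, error text)."""
    try:
        return getlongresp(io.BytesIO(data), maxline, maxtotal), None
    except error_proto as exc:
        return None, str(exc)
```

A 3000-byte body line fails under the 2048 per-line cap but passes with a larger maxline while the total cap still bounds memory, which is the trade-off the gmx.de and getmail reports above turn on.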