Launchpad has imported 5 comments from the remote bug at http://bugs.exim.org/show_bug.cgi?id=1106.
If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. ------------------------------------------------------------------------ On 2011-04-29T16:01:39+00:00 Suresh Ramasubramanian wrote: Email from John Levine below - says it all I think. thanks --srs -------- Original Message -------- Subject: Re: dkim plugin in exim 4.72 doesnt seem to like your signature .. Date: 29 Apr 2011 10:50:50 -0400 From: John R. Levine <[email protected]> To: Suresh Ramasubramanian <[email protected]> It's a buglet in exim, which seems to be misinterpreting percent signs as printf codes or something. In DKIM signatures, percent signs aren't special. On Fri, 29 Apr 2011, Suresh Ramasubramanian wrote: > 2011-04-29 02:34:28 1QFk5k-0003Ry-NL string_format: unsupported type in > "%i" in "DKIM: d=iecc.com s=4330.4db9faa9.k1104 c=simple/simple > a=rsa-sha256 i=spamfighter%[email protected] [verification > succeeded]" > 2011-04-29 03:06:34 1QFkao-0003VB-Lv string_format: unsupported type in > "%i" in "DKIM: d=iecc.com s=4330.4db9faa9.k1104 c=simple/simple > a=rsa-sha256 i=spamfighter%[email protected] [verification > succeeded]" > 2011-04-29 03:37:32 1QFl4m-0003Xa-C0 string_format: unsupported type in > "%i" in "DKIM: d=iecc.com s=4330.4db9faa9.k1104 c=simple/simple > a=rsa-sha256 i=spamfighter%[email protected] [verification > succeeded]" > > etc > > Regards, John Levine, [email protected], Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly Reply at: https://bugs.launchpad.net/ubuntu/+source/exim4/+bug/779391/comments/0 ------------------------------------------------------------------------ On 2011-04-30T13:21:53+00:00 Tom Kistner wrote: Thanks Suresh, fix is pushed. Reply at: https://bugs.launchpad.net/ubuntu/+source/exim4/+bug/779391/comments/1 ------------------------------------------------------------------------ On 2011-04-30T14:17:05+00:00 Git-p wrote: Git commit: http://git.exim.org/exim.git/commitdiff/337e3505b0e6cd4309db6bf6062b33fa56e06cf8 commit 337e3505b0e6cd4309db6bf6062b33fa56e06cf8 Author: Tom Kistner <[email protected]> AuthorDate: Sat Apr 30 13:20:17 2011 +0100 Commit: Tom Kistner <[email protected]> CommitDate: Sat Apr 30 13:20:17 2011 +0100 Bugzilla #1106: Don't pass DKIM compound log line as format string --- src/src/dkim.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/src/dkim.c b/src/src/dkim.c index e25ff8c..2318cc3 100644 --- a/src/src/dkim.c +++ b/src/src/dkim.c @@ -108,7 +108,7 @@ void dkim_exim_verify_finish(void) { /* Log a line for each signature */ uschar *logmsg = string_append(NULL, &size, &ptr, 5, - string_sprintf( "DKIM: d=%s s=%s c=%s/%s a=%s ", + string_sprintf( "d=%s s=%s c=%s/%s a=%s ", sig->domain, sig->selector, (sig->canon_headers == PDKIM_CANON_SIMPLE)?"simple":"relaxed", @@ -176,7 +176,7 @@ void dkim_exim_verify_finish(void) { } logmsg[ptr] = '\0'; - log_write(0, LOG_MAIN, (char *)logmsg); + log_write(0, LOG_MAIN, "DKIM: %s", logmsg); /* Build a colon-separated list of signing domains (and identities, if present) in dkim_signers */ dkim_signers = string_append(dkim_signers, Reply at: https://bugs.launchpad.net/ubuntu/+source/exim4/+bug/779391/comments/2 ------------------------------------------------------------------------ On 2011-05-10T12:40:49+00:00 Exim-bugs wrote: Just for the records: This bug is CVE-2011-1764 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2011-1764 Reply at: https://bugs.launchpad.net/ubuntu/+source/exim4/+bug/779391/comments/14 ------------------------------------------------------------------------ On 2022-02-06T15:08:34+00:00 Simon-marchi-y wrote: Maybe I can check it and also apply for that. Hope it is useful. http://embermanchester.uk Maybe I can check it and also apply for that. Hope it is useful http://www.compilatori.com Maybe I can check it and also apply for that. Hope it is useful http://www.wearelondonmade.com Maybe I can check it and also apply for that. Hope it is useful http://www.jopspeech.com Maybe I can check it and also apply for that. Hope it is useful http://joerg.li/ Maybe I can check it and also apply for that. Hope it is useful http://connstr.net/ Maybe I can check it and also apply for that. Hope it is useful http://www.slipstone.co.uk/ Maybe I can check it and also apply for that. Hope it is useful http://www.logoarts.co.uk/ Maybe I can check it and also apply for that. Hope it is useful http://www.acpirateradio.co.uk/ Maybe I can check it and also apply for that. Hope it is useful https://waytowhatsnext.com/ Maybe I can check it and also apply for that. Hope it is useful https://www.webb-dev.co.uk/ Maybe I can check it and also apply for that. Hope it is useful http://www.iu-bloomington.com/ Maybe I can check it and also apply for that. Hope it is useful http://www-look-4.com/ Maybe I can check it and also apply for that. Hope it is useful https://komiya-dental.com/ Maybe I can check it and also apply for that. Hope it is useful https://www.arborconsult.space/ Maybe I can check it and also apply for that. Hope it is useful http://fishingnewsletters.co.uk/ Maybe I can check it and also apply for that. Hope it is useful http://www.go-mk-websites.co.uk/ Maybe I can check it and also apply for that. Hope it is useful http://www.mconstantine.co.uk/ Maybe I can check it and also apply for that. Hope it is useful http://the-hunters.org/ Maybe I can check it and also apply for that. Hope it is useful http://rhee.tech/ Maybe I can check it and also apply for that. Hope it is useful https://texastourgear.live/ Maybe I can check it and also apply for that. Hope it is useful http://www.i-obchody.info/ Maybe I can check it and also apply for that. Hope it is useful http://www.caviastal-ruan.nl/ Maybe I can check it and also apply for that. Hope it is useful http://www.dotkraft.com/ Maybe I can check it and also apply for that. Hope it is useful Maybe I can check it and also apply for that. Hope it is useful http://www.hildyphotography.com/ Maybe I can check it and also apply for that. Hope it is useful http://illustratedmind.pl/ Maybe I can check it and also apply for that. Hope it is useful http://ammko.pl/ Maybe I can check it and also apply for that. Hope it is useful Maybe I can check it and also apply for that. http://www.jindorescue.org/ Hope it is useful Maybe I can check it and also apply for that. Hope it is useful Maybe http://www.pistoneforcongress.net/ I can check it and also apply for that. Hope it is useful Maybe I can check it and also apply http://ruirui.store/ for that. Hope it is useful Maybe I can check it and also apply for that. Hope it is useful Maybe I can http://www.foamhands.store/ check it and also apply for that. Hope it is useful Reply at: https://bugs.launchpad.net/ubuntu/+source/exim4/+bug/779391/comments/16 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/779391 Title: CVE-2011-1764: format string vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/exim/+bug/779391/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
