Gnus development mailing list
From: "Mark D. Baushke" <mdb@gnu.org>
Cc: mh-e-devel@lists.sourceforge.net, ding@gnus.org
Subject: Re: Gnus 5.10.6 problems with PGP/MIME (test cases)
Date: Wed, 18 Jan 2006 09:25:02 -0800
Message-ID: <75578.1137605102@juniper.net>
In-Reply-To: <b4mpsmp3e11.fsf@jpl.org>

[-- Attachment #1: Type: multipart/mixed; boundary="=-=-=", Size: 7983 bytes --]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --=-=-=

Katsumi Yamaoka <yamaoka@jpl.org> writes:

> >>>>> In <53032.1137578648@juniper.net> Mark D. Baushke wrote:
> 
> > Katsumi Yamaoka <yamaoka@jpl.org> writes:
> 
> >> Doesn't the patch cause inconvenience to DOS users?
> 
> > It should work without any problems to DOS users.
> 
> > What is happening is that --textmode tells GnuPG to send a literal
> > Data Packet (Tag 11) with a data format of 't' (0x74) to specify
> > that the packet contains text data and thus may need line ends
> > converted to local form, or other text-mode changes.
> 
> [...]
> 
> Thank you for the information.  I roughly understood that
> `gpg --textmode' generates a *text* packet and recipients should
> treat it as text because it is *text*.
> 
> [...]

Ahh... Rereading my message in the light of day, it seems I was a bit
more tired than I thought. Sorry for the rambling explanation...

> I will install your patch if no one comments.

Thank you.

> By the way, I found out the original author changed it not to
> use --textmode over six years ago.
> 
> 1999-11-05   Daiki Ueno  <>
> [...]
> 	* pgg-gpg.el (encrypt-region): Don't use "--textmode" in GPG
> 	arguments, replace line break code with CRLF while signing
> 	instead.
> 
> This was done in SEMI before PGG was imported into Gnus.  But I
> believe --textmode is needed there now.

Okay.

Oh, by the way, I received an e-mail today where the Mutt pgp-signed
message comes out like this:

To: mdb@juniper.net
From: "Mark D. Baushke" <mdb@gnu.org>
Subject: another pgp test
Date: Wed, 18 Jan 2006 09:12:29 -0800


[[PGP Signed Part:Undecided]]

[1. application/pgp]...

[[End of PGP Signed Part]]

or

[[PGP Signed Part:Mark D Baushke <mdb@gnu.org>]]

[1. application/pgp]...

[[End of PGP Signed Part]]

when I explicitly run mh-show-inline-mime-part on the message part,
then the body of the message is readable under the

  [1. application/pgp]...

text. I will include a copy of a similar message that illustrates the
problem. I am not sure why the behavior difference should exist.

	-- Mark


- --=-=-=
Content-Type: text/x-mail
Content-Disposition: attachment; filename=4
Content-Description: Test case 4. A signed forwarded message.

To: mdb@juniper.net
From: "Mark D. Baushke" <mdb@gnu.org>
Subject: another pgp test
Content-Type: application/pgp; x-action=sign; format=text
Content-Disposition: inline; filename="msg.pgp"
MIME-Version: 1.0
Date: Wed, 18 Jan 2006 09:12:29 -0800
Message-ID: <70397.1137604349@juniper.net>

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This is an example of a forwarded message.

- - - Mark

- - ----- Forwarded message from FreeBSD Security Advisories <security-advisories@freebsd.org> -----

X-Original-To: freebsd-security-notifications@freebsd.org
Delivered-To: freebsd-security-notifications@freebsd.org
Date: Wed, 18 Jan 2006 09:10:16 GMT
X-Authentication-Warning: freefall.freebsd.org: cperciva set sender to
	security-advisories@freebsd.org using -f
From: FreeBSD Security Advisories <security-advisories@freebsd.org>
To: FreeBSD Security Advisories <security-advisories@freebsd.org>
Precedence: bulk
Cc: 
Subject: FreeBSD Security Advisory FreeBSD-SA-06:05.80211
X-BeenThere: freebsd-security-notifications@freebsd.org
X-Mailman-Version: 2.1.5
Reply-To: security-advisories@freebsd.org
List-Id: "Moderated Security Notifications \[moderated,
	low volume\]" <freebsd-security-notifications.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security-notifications>,
	<mailto:freebsd-security-notifications-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security-notifications>
List-Post: <mailto:freebsd-security-notifications@freebsd.org>
List-Help: <mailto:freebsd-security-notifications-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security-notifications>,
	<mailto:freebsd-security-notifications-request@freebsd.org?subject=subscribe>
Errors-To: owner-freebsd-security-notifications@freebsd.org
X-Not-Spam: Spam Score: 1.804 - ADDR_FREE
X-Scanned-By: MIMEDefang 2.39

=============================================================================
FreeBSD-SA-06:05.80211                                      Security Advisory
                                                          The FreeBSD Project

Topic:          IEEE 802.11 buffer overflow

Category:       core
Module:         net80211
Announced:      2006-01-18
Credits:        Karl Janmar
Affects:        FreeBSD 6.0
Corrected:      2006-01-18 09:03:15 UTC (RELENG_6, 6.0-STABLE)
                2006-01-18 09:03:36 UTC (RELENG_6_0, 6.0-RELEASE-p3)
CVE Name:       CVE-2006-0226

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit
<URL:http://www.freebsd.org/security/>.

I.   Background

The IEEE 802.11 network subsystem of FreeBSD implements the protocol
negotiation used for wireless networking.

II.  Problem Description

An integer overflow in the handling of corrupt IEEE 802.11 beacon or
probe response frames when scanning for existing wireless networks can
result in the frame overflowing a buffer.

III. Impact

An attacker able to broadcast a carefully crafted beacon or probe response
frame may be able to execute arbitrary code within the context of the
FreeBSD kernel on any system scanning for wireless networks.

IV.  Workaround

No workaround is available, but systems without IEEE 802.11 hardware or
drivers loaded are not vulnerable.

V.   Solution

Perform one of the following:

1) Upgrade your vulnerable system to 6-STABLE or to the RELENG_6_0
security branch dated after the correction date.

2) To patch your present system:

The following patches have been verified to apply to FreeBSD 6.0 systems.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:05/80211.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:05/80211.patch.asc

b) Apply the patch.

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in
<URL:http://www.freebsd.org/handbook/kernelconfig.html> and reboot the
system.

VI.  Correction details

The following list contains the revision numbers of each file that was
corrected in FreeBSD.

Branch                                                           Revision
  Path
- - - -------------------------------------------------------------------------
RELENG_6
  src/sys/net80211/ieee80211_ioctl.c                             1.25.2.9
RELENG_6_0
  src/UPDATING                                              1.416.2.3.2.8
  src/sys/conf/newvers.sh                                    1.69.2.8.2.4
  src/sys/net80211/ieee80211_ioctl.c                         1.25.2.3.2.1
- - - -------------------------------------------------------------------------

VII. References

http://www.signedness.org/advisories/sps-0x1.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0226

The latest revision of this advisory is available at
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:05.80211.asc
_______________________________________________
freebsd-security-notifications@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security-notifications
To unsubscribe, send any mail to "freebsd-security-notifications-unsubscribe@freebsd.org"

- - ----- End forwarded message -----
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQFDznb9Cg7APGsDnFERAja0AKC5obSkiWNH+ARuug7m+16WwiwUrQCgitir
8UAT7d2NTCf3P0IlwYaUJjI=
=H3rq
- -----END PGP SIGNATURE-----

- --=-=-=--
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQFDznnuCg7APGsDnFERAr1tAJ4n1LwhzMiGhJAVVySheLHcS+bYGACeOb9k
Lty+jAp+sUyB4YFCxMRmG0o=
=uP/Z
-----END PGP SIGNATURE-----
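
Added example (not part of the original message, and not code from PGG, Gnus or GnuPG): a small Python reader for the Literal Data packet (Tag 11) discussed in the thread, showing how the format octet 't' (0x74) tells the recipient to convert the stored CRLF line ends to local form while 'b' data is returned untouched. The function names and sample packets are constructed for illustration; the header and packet layout are assumed from the OpenPGP specification (RFC 4880).

```python
import struct

FORMATS = {0x62: "binary", 0x74: "text"}  # 'b' and 't' format octets

def build_literal(fmt: bytes, data: bytes, name: bytes = b"") -> bytes:
    """Constructed sample: new-format Tag 11 packet, one-octet length."""
    body = fmt + bytes([len(name)]) + name + struct.pack(">I", 0) + data
    if len(body) >= 192:
        raise ValueError("sample builder only handles short bodies")
    return bytes([0xC0 | 11, len(body)]) + body

def parse_header(pkt: bytes):
    """Return (tag, body_offset, body_length) for either header format."""
    if len(pkt) < 2 or not pkt[0] & 0x80:
        raise ValueError("not an OpenPGP packet")
    first = pkt[0]
    if first & 0x40:  # new-format header
        tag, o1 = first & 0x3F, pkt[1]
        if o1 < 192:
            return tag, 2, o1
        if o1 < 224:
            return tag, 3, ((o1 - 192) << 8) + pkt[2] + 192
        if o1 == 255:
            return tag, 6, struct.unpack(">I", pkt[2:6])[0]
        raise ValueError("partial body lengths not handled here")
    tag, ltype = (first >> 2) & 0x0F, first & 0x03  # old-format header
    if ltype == 3:
        raise ValueError("indeterminate length not handled here")
    size = (1, 2, 4)[ltype]
    return tag, 1 + size, int.from_bytes(pkt[1:1 + size], "big")

def read_literal(pkt: bytes, local_eol: bytes = b"\n"):
    """Return (format_name, data); text data gets local line ends."""
    tag, off, length = parse_header(pkt)
    if tag != 11:
        raise ValueError(f"expected Literal Data (tag 11), got tag {tag}")
    body = pkt[off:off + length]
    if len(body) != length or length < 6 or length < 6 + body[1]:
        raise ValueError("truncated literal data packet")
    fmt, name_len = body[0], body[1]
    data = body[2 + name_len + 4:]  # skip format, name length, name, date
    if fmt == 0x74:  # 't': stored with CRLF, convert to local form
        data = data.replace(b"\r\n", local_eol)
    return FORMATS.get(fmt, "unknown"), data

if __name__ == "__main__":
    sample = b"line one\r\nline two\r\n"  # constructed message body
    for f in (b"t", b"b"):
        print(read_literal(build_literal(f, sample)))
```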
