From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/61699 Path: news.gmane.org!not-for-mail From: "Mark D. Baushke" Newsgroups: gmane.mail.mh-e.devel,gmane.emacs.gnus.general Subject: Re: Gnus 5.10.6 problems with PGP/MIME (test cases) Date: Wed, 18 Jan 2006 09:29:13 -0800 Message-ID: <75740.1137605353@juniper.net> References: <19643.1137028354@juniper.net> <26554.1137393402@juniper.net> <25107.1137439020@olgas.newt.com> <73630.1137440939@juniper.net> <31430.1137488443@juniper.net> <85906.1137521874@juniper.net> <53032.1137578648@juniper.net> <75578.1137605102@juniper.net> NNTP-Posting-Host: main.gmane.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Trace: sea.gmane.org 1137605503 12294 80.91.229.2 (18 Jan 2006 17:31:43 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Wed, 18 Jan 2006 17:31:43 +0000 (UTC) Cc: mh-e-devel@lists.sourceforge.net, ding@gnus.org Original-X-From: mh-e-devel-admin@lists.sourceforge.net Wed Jan 18 18:31:38 2006 Return-path: Envelope-to: gmmd-mh-e-devel@m.gmane.org Original-Received: from lists-outbound.sourceforge.net ([66.35.250.225]) by ciao.gmane.org with esmtp (Exim 4.43) id 1EzH8F-0005jl-6y for gmmd-mh-e-devel@m.gmane.org; Wed, 18 Jan 2006 18:30:04 +0100 Original-Received: from sc8-sf-list1-b.sourceforge.net (sc8-sf-list1-b.sourceforge.net [10.3.1.7]) by sc8-sf-spam2.sourceforge.net (Postfix) with ESMTP id 7439412673; Wed, 18 Jan 2006 09:30:02 -0800 (PST) Original-Received: from sc8-sf-mx2-b.sourceforge.net ([10.3.1.92] helo=mail.sourceforge.net) by sc8-sf-list1.sourceforge.net with esmtp (Exim 4.30) id 1EzH7k-0007Hr-25 for mh-e-devel@lists.sourceforge.net; Wed, 18 Jan 2006 09:29:32 -0800 Original-Received: from colo-dns-ext2.juniper.net ([207.17.137.64]) by mail.sourceforge.net with esmtps (TLSv1:DES-CBC3-SHA:168) (Exim 4.44) id 1EzH7g-0008Ou-Jl for mh-e-devel@lists.sourceforge.net; Wed, 18 Jan 2006 09:29:29 -0800 Original-Received: from merlot.juniper.net (merlot.juniper.net [172.17.27.10]) by colo-dns-ext2.juniper.net (8.12.3/8.12.3) with ESMTP id k0IHTD1Z064147; Wed, 18 Jan 2006 09:29:13 -0800 (PST) (envelope-from mdb@juniper.net) Original-Received: from juniper.net (sapphire.juniper.net [172.17.28.108]) by merlot.juniper.net (8.11.3/8.11.3) with ESMTP id k0IHTD534483; Wed, 18 Jan 2006 09:29:13 -0800 (PST) (envelope-from mdb@juniper.net) Original-To: Katsumi Yamaoka In-Reply-To: <75578.1137605102@juniper.net> X-Mailer: MH-E 7.85+cvs; nmh 1.0.4; GNU Emacs 21.3.1 X-Face: #8D_6URD2G%vC.hzU, List-Id: Forum for the MH-E developers List-Post: List-Help: List-Subscribe: , List-Archive: X-Original-Date: Wed, 18 Jan 2006 09:29:13 -0800 Xref: news.gmane.org gmane.mail.mh-e.devel:11375 gmane.emacs.gnus.general:61699 Archived-At: --=-=-= Hi Katsumi, Hmmm... my last message tried to sign an attachment with the wrong mode, and odd things happened to it... I'll just attach test case 4 without signing this message... -- Mark --=-=-= Content-Type: text/x-mail Content-Disposition: attachment; filename=4 Content-Description: test case 4 - a signed forwarded message To: mdb@juniper.net From: "Mark D. Baushke" Subject: another pgp test Content-Type: application/pgp; x-action=sign; format=text Content-Disposition: inline; filename="msg.pgp" MIME-Version: 1.0 Date: Wed, 18 Jan 2006 09:12:29 -0800 Message-ID: <70397.1137604349@juniper.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This is an example of a forwarded message. - - Mark - ----- Forwarded message from FreeBSD Security Advisories ----- X-Original-To: freebsd-security-notifications@freebsd.org Delivered-To: freebsd-security-notifications@freebsd.org Date: Wed, 18 Jan 2006 09:10:16 GMT X-Authentication-Warning: freefall.freebsd.org: cperciva set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Precedence: bulk Cc: Subject: FreeBSD Security Advisory FreeBSD-SA-06:05.80211 X-BeenThere: freebsd-security-notifications@freebsd.org X-Mailman-Version: 2.1.5 Reply-To: security-advisories@freebsd.org List-Id: "Moderated Security Notifications \[moderated, low volume\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: owner-freebsd-security-notifications@freebsd.org X-Not-Spam: Spam Score: 1.804 - ADDR_FREE X-Scanned-By: MIMEDefang 2.39 ============================================================================= FreeBSD-SA-06:05.80211 Security Advisory The FreeBSD Project Topic: IEEE 802.11 buffer overflow Category: core Module: net80211 Announced: 2006-01-18 Credits: Karl Janmar Affects: FreeBSD 6.0 Corrected: 2006-01-18 09:03:15 UTC (RELENG_6, 6.0-STABLE) 2006-01-18 09:03:36 UTC (RELENG_6_0, 6.0-RELEASE-p3) CVE Name: CVE-2006-0226 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background The IEEE 802.11 network subsystem of FreeBSD implements the protocol negotiation used for wireless networking. II. Problem Description An integer overflow in the handling of corrupt IEEE 802.11 beacon or probe response frames when scanning for existing wireless networks can result in the frame overflowing a buffer. III. Impact An attacker able broadcast a carefully crafted beacon or probe response frame may be able to execute arbitrary code within the context of the FreeBSD kernel on any system scanning for wireless networks. IV. Workaround No workaround is available, but systems without IEEE 802.11 hardware or drivers loaded are not vulnerable. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to 6-STABLE or to the RELENG_6_0 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 6.0 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:05/80211.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:05/80211.patch.asc b) Apply the patch. # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch Revision Path - - ------------------------------------------------------------------------- RELENG_6 src/sys/net80211/ieee80211_ioctl.c 1.25.2.9 RELENG_6_0 src/UPDATING 1.416.2.3.2.8 src/sys/conf/newvers.sh 1.69.2.8.2.4 src/sys/net80211/ieee80211_ioctl.c 1.25.2.3.2.1 - - ------------------------------------------------------------------------- VII. References http://www.signedness.org/advisories/sps-0x1.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0226 The latest revision of this advisory is available at ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:05.80211.asc _______________________________________________ freebsd-security-notifications@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security-notifications To unsubscribe, send any mail to "freebsd-security-notifications-unsubscribe@freebsd.org" - ----- End forwarded message ----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQFDznb9Cg7APGsDnFERAja0AKC5obSkiWNH+ARuug7m+16WwiwUrQCgitir 8UAT7d2NTCf3P0IlwYaUJjI= =H3rq -----END PGP SIGNATURE----- --=-=-=-- ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642