There's a nasty little buffer overflow in rfc822.c; it is triggered by
headers longer than 512 characters, and appears to be quite exploitable.
Patch attached. Refers to Debian bug #100394. This bug has been there
sleeping for a VERY long time... back to 5.5.3 at the very least (unless
some other code avoided calling nxtaddr in long headers back then... I
didn't check).
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
patch
Description: Text document
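The bug class reported above, as an added example that is not part of the original message and not the code from rfc822.c: a header address scanner that checks the 512-byte limit on every store and rejects an oversized address instead of writing past the buffer. The function name `next_address`, the buffer layout and the sample header are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define ADDR_BUF 512  /* limit named in the report; buffer layout is assumed */
/* Hypothetical nxtaddr-style scanner (not the rfc822.c code): copies the next
 * comma-separated address from *cursor into out, treating commas inside
 * "quoted" text as data. Returns 1 on success, 0 at end of header, -1 when
 * the address does not fit; an unchecked `*tp++ = *hp` loop overflows there. */
int next_address(const char **cursor, char *out, size_t outsz)
{
    const char *hp = *cursor;
    size_t n = 0;
    int in_quote = 0;
    if (outsz == 0) return -1;
    while (*hp == ' ' || *hp == '\t' || *hp == ',')
        hp++;
    if (*hp == '\0') { *cursor = hp; return 0; }
    for (; *hp != '\0'; hp++) {
        if (*hp == ',' && !in_quote)
            break;
        if (n + 1 >= outsz) {  /* no room left for this byte plus the NUL */
            /* Reject, then skip the oversized address so parsing resumes. */
            for (; *hp != '\0' && (*hp != ',' || in_quote); hp++)
                if (*hp == '"')
                    in_quote = !in_quote;
            *cursor = hp;
            out[0] = '\0';
            return -1;
        }
        if (*hp == '"')
            in_quote = !in_quote;
        out[n++] = *hp;
    }
    out[n] = '\0';
    *cursor = hp;
    return 1;
}

int main(void)
{
    char hdr[800] = "a@example.org, ", out[ADDR_BUF];  /* constructed input */
    size_t off = strlen(hdr);
    const char *p = hdr;
    int rc;
    memset(hdr + off, 'x', 600);        /* one 612-character address */
    strcpy(hdr + off + 600, "@example.org, b@example.org");
    while ((rc = next_address(&p, out, sizeof out)) != 0)
        printf("%s\n", rc == 1 ? out : "(rejected: address too long)");
    return 0;
}
```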