Re: Vulnerability in Elm-ME+

Kari E. Hurtta (Kari.Hurtta@ozone.FMI.FI)
Sat, 17 May 1997 22:16:03 +0300

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Joe Zbiciak: "Finally, most of an exploit for Solaris 2.5.1's ps."
Previous message: Thamer Al-Herbish: "UNIX domain socket (Solarisx86 2.5)"
Maybe in reply to: John Goerzen: "Vulnerability in Elm-ME+"

John Goerzen:
> Hello,
>
> I have confirmed that the recently-reported vulnerability in Elm is also
> present in Elm-ME+ and thus also in Debian GNU/Linux version 1.2, prerelease
> version 1.3, and development tree "unstable".

OK. I made fix to Elm 2.4ME+ PL32 (25)

Posted to alt.sources and comp.mail.elm with
Message-ID: <elm2.4ME+/PL32/1@ozone.FMI.FI>
Archive-name: elm2.4ME+/PL32

Available on ftp.ozone.FMI.FI
via anonymous ftp
directory KEH/
files elm-2.4ME+32.tar.gz
and elm-2.4ME+PL32.patch.gz

Also available with
<URL: http://www.ozone.FMI.FI/KEH/elm-2.4ME+32.tar.gz >
and <URL: http://www.ozone.FMI.FI/KEH/elm-2.4ME+PL32.patch.gz >
via WWW.

/ Kari Hurtta

--------------------------------------------------------------
Version Elm2.4ME+ PL0 (25) is based to version Elm2.4 PL24 ME8b+.
Version Elm2.4 PL24 ME8b+ is based to version Elm2.4 PL24 ME8b.

Version Elm2.4 PL24 ME8b is done by Michael Elkins <elkins.aero.org>.
For details, look file ANNOUNCE.ME

[ Equivalent of MIME code in Elm2.4 PL24 ME8b is posted to
Elm Development Cordinator ]

Version Elm2.4 PL24 ME8b is based to version Elm2.4 PL24.
Version Elm2.4ME+ PLx (25) includes patch of version Elm2.4 PL25.

Changes of Elm2.4ME+ PL32 (25) compared to Elm2.4ME+ PL31 (25)
---------------------------------------------------------------

- Incorrect Content-length: -header was causing corruption
of folders.
From: Guy Harris <guy@netapp.com>

- argv_from_to was not handled ',' in comments correctly.
Detected from report of Gary Casterline
<casterln@nature.Berkeley.EDU>
> Use rfc822_toklen instead of len_next_part

- SECURITY: strcpy -> strfcpy changes of Elm2.4ME+ PL29 (25)
was not done for curses.c in this source tree.
Bug report on List <BUGTRAQ@NETSPACE.ORG>.
From: John Goerzen <jgoerzen@happy.cs.twsu.edu>

- Some changes on curses.c (bl -- bell)

- Change output of option -v

- "If you use 'answer -u', then every user name is truncated to
three letters." ... "Change line 232 to: " ...
From: Jean-Pierre Radley <jpr@jpr.com>
[ Suggested fix was incorrect. ]

- "Configure always has had a problem on Linux systems,
extracting names in a usuable format (from /usr/lib/libc.so).
The following small change fixes this."
From: Bauke Jan Douma <bjdouma@xs4all.nl>

- "In Solaris enviroment NIS+ is now used instead of Yellow
Pages so I have modified Configure to reflect this and
allow to use niscat in the same fashion as ypcat was."
From: Jerzy Sobczyk <J.Sobczyk@ia.pw.edu.pl>

- Compilation of filter (actions.c) fail.
Reported by: Arnout Boer <arnoutb@xs4all.nl>

- Typo mismatch in lib/strftime.c
From: Yuval Shamir <yuvals@iil.intel.com>
- [wordwrap.c, bultin editor]
"Wordwrap and delete at the
beginning of the line does not work in PL31. Fix is below."
From: "Zoltan T. Hidvegi" <hzoli@VNET.IBM.COM>
[ I didn't used supplied patch. ]

- [builtin editor] There was 'sizeof buffer' instead of
'buffer_size' in get_with_expansion()

- Add same fflush -fix to remail.c which is in mailmsg2.c

Next message: Joe Zbiciak: "Finally, most of an exploit for Solaris 2.5.1's ps."
Previous message: Thamer Al-Herbish: "UNIX domain socket (Solarisx86 2.5)"
Maybe in reply to: John Goerzen: "Vulnerability in Elm-ME+"