<?xml version="1.0" encoding="utf-8"?>
<glsa id="200511-13">
<title>Sylpheed, Sylpheed-Claws: Buffer overflow in LDIF importer</title>
<synopsis>
Sylpheed and Sylpheed-Claws contain a buffer overflow vulnerability which
may lead to the execution of arbitrary code.
</synopsis>
<product type="ebuild">sylpheed sylpheed-claws</product>
<announced>November 15, 2005</announced>
<revised>November 15, 2005: 01</revised>
<affected>
<package name="mail-client/sylpheed" auto="yes" arch="*">
<unaffected range="ge">2.0.4</unaffected>
<vulnerable range="lt">2.0.4</vulnerable>
</package>
<package name="mail-client/sylpheed-claws" auto="yes" arch="*">
<unaffected range="ge">1.0.5-r1</unaffected>
<vulnerable range="lt">1.0.5-r1</vulnerable>
</package>
</affected>
<background>
<p>
Sylpheed is a lightweight email client and newsreader.
Sylpheed-Claws is a 'bleeding edge' version of Sylpheed. They both
support the import of address books in LDIF (Lightweight Directory
Interchange Format).
</p>
</background>
<description>
<p>
Colin Leroy reported buffer overflow vulnerabilities in Sylpheed
and Sylpheed-Claws. The LDIF importer uses a fixed-length buffer to
store data of variable length. Two similar problems also exist in the
Mutt and Pine addressbook importers of Sylpheed-Claws.
</p>
</description>
<impact type="normal">
<p>
By convincing a user to import a specially crafted LDIF file into
the address book, a remote attacker could cause the program to crash,
potentially allowing the execution of arbitrary code with the
privileges of the user running the software.
</p>
</impact>
<workaround>
<p>
There is no known workaround at this time.
</p>
</workaround>
<resolution>
<p>
All Sylpheed users should upgrade to the latest version:
</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=mail-client/sylpheed-2.0.4&quot;</code>
<p>
All Sylpheed-Claws users should upgrade to the latest version:
</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=mail-client/sylpheed-claws-1.0.5-r1&quot;</code>
</resolution>
<references>
<uri link="">CVE-2005-3354</uri>
</references>
<metadata tag="requester" timestamp="Sun, 13 Nov 2005 17:42:22 +0000">
<metadata tag="submitter" timestamp="Sun, 13 Nov 2005 18:10:25 +0000">
<metadata tag="bugReady" timestamp="Tue, 15 Nov 2005 08:35:12 +0000">