[7293] in SIPB bug reports
exmh bug
daemon@ATHENA.MIT.EDU (Kev)
Tue Jun 8 09:37:12 1999
To: bug-sipb@MIT.EDU
Date: Tue, 08 Jun 1999 09:36:54 EDT
From: Kev <klmitch@MIT.EDU>
version 2.0.2 2/24/98
SunOS all-night-tool.mit.edu 5.6 Generic_105181-11 sun4u sparc SUNW,Ultra-60
Tk 8.0 Tcl 8.0
I have MIME display turned off. Whenever I come across a message, such as
the one included below, that is marked with "Content-type: application/pgp;
format=text; x-action=sign", Exmh insists on displaying a blank body with
the following message:
This is a application/pgp
It might be displayable with metamail. (Invoke menu with right button.)
format = text
x-action = sign
right-clicking the mouse over the body pops up the MIME menu, which has
an _active_ checkbox next to "Decode part as MIME". This is obviously
bogus; clicking this checkbox brings up the message I'm expecting to get.
A sample message is included below...
------------------ Sample message ------------------
Received: from SOUTH-STATION-ANNEX.MIT.EDU by po9.MIT.EDU (5.61/4.7) id AA06603; Mon, 7 Jun 99 22:40:58 EDT
Received: from brimstone.netspace.org by MIT.EDU with SMTP
id AA25133; Mon, 7 Jun 99 22:40:28 EDT
Received: from netspace.org ([128.148.157.6]:57608 "EHLO netspace.org" ident: "TIMEDOUT2") by brimstone.netspace.org with ESMTP id <51045-3239>; Mon, 7 Jun 1999 22:37:41 -0400
Received: from NETSPACE.ORG by NETSPACE.ORG (LISTSERV-TCP/IP release 1.8d) with
spool id 1467873 for BUGTRAQ@NETSPACE.ORG; Tue, 8 Jun 1999 02:39:00
+0000
Approved-By: aleph1@UNDERGROUND.ORG
Received: from underground.org (underground.org [209.179.181.153]) by
netspace.org (8.8.7/8.8.7) with SMTP id VAA31352 for
<bugtraq@netspace.org>; Mon, 7 Jun 1999 21:59:34 -0400
Received: (qmail 16371 invoked by uid 500); 8 Jun 1999 03:05:07 -0000
Received: (qmail 16330 invoked from network); 8 Jun 1999 02:44:34 -0000
Received: from murphy.debian.org (209.41.108.199) by underground.org with SMTP;
8 Jun 1999 02:44:34 -0000
Received: (qmail 10770 invoked by uid 38); 8 Jun 1999 01:27:20 -0000
X-Envelope-Sender: wichert@cs.leidenuniv.nl
Mime-Version: 1.0
Old-Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.95.4i
X-Debian: PGP check passed for security officers
Priority: urgent
X-Mailing-List: <debian-security-announce@lists.debian.org> archive/latest/53
X-Loop: debian-security-announce@lists.debian.org
Precedence: list
Content-Type: application/pgp; format=text; x-action=sign
Message-Id: <"VAKnMC.A.pmC.zFHX3"@murphy>
Date: Mon, 7 Jun 1999 20:05:07 -0700
Reply-To: security@debian.org
Sender: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
Comments: RFC822 error: <W> RESENT-DATE field duplicated. Last occurrence
was retained.
Comments: RFC822 error: <W> Incorrect or incomplete address field found and
ignored.
Comments: Resent-From: debian-security-announce@lists.debian.org
Comments: Originally-From: Wichert Akkerman <wichert@cs.leidenuniv.nl>
From: debian-security-announce@LISTS.DEBIAN.ORG
Subject: Subject: [SECURITY] New version of kernel-image for sparc fixes
DoS attack
To: BUGTRAQ@NETSPACE.ORG
-----BEGIN PGP SIGNED MESSAGE-----
As is widely known by now the Linux 2.2.x kernels had a problem with
parsing IP options, which made them susceptible to a DoS attack.
The Debian GNU/Linux 2.1 release for the Sun sparc architecture uses such
a kernel. If you are using such a system and haven't upgraded the
kernel yourself, we recommend that you upgrade your kernel-image package
immediately. If you have a sun4u system please use kernel-image-2.2.9-sun4u,
otherwise use the normal kernel-image-2.2.9 package.
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.1 alias slink
- --------------------------------
This version of Debian was released only for Intel, the Motorola
680x0, the alpha and the Sun sparc architecture.
Sun Sparc architecture:
http://security.debian.org/dists/stable/updates/binary-sparc/kernel-headers-2.2.9_2.2.9-2_sparc.deb
MD5 checksum: 2d8724b357c1444741f2fdd626e38615
http://security.debian.org/dists/stable/updates/binary-sparc/kernel-image-2.2.9-sun4u_2.2.9-2_sparc.deb
MD5 checksum: bbff1631f05124fed467d833276f8d68
http://security.debian.org/dists/stable/updates/binary-sparc/kernel-image-2.2.9_2.2.9-2_sparc.deb
MD5 checksum: 7c9e15ae2c7de1d84928660b964906ad
These files will be copied into
ftp://ftp.debian.org/debian/dists/stable/*/binary-sparc/ soon.
Please note you can also use apt to always get the latest security
updates. To do so add the following line to /etc/apt/sources.list:
deb http://security.debian.org/ stable updates
- --
Debian GNU/Linux . Security Managers . security@debian.org
debian-security-announce@lists.debian.org
Christian Hudon . Wichert Akkerman . Martin Schulze
<chrish@debian.org> . <wakkerma@debian.org> . <joey@debian.org>
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
iQB1AwUBN1xhp6jZR/ntlUftAQHsKQL+NFpuuWWM2zJVTqLh0/0eIXIggpEaTpch
E/1wVfw59s+YmifKWupA9XYMy6ayjab6YDSnUHoD5drvKmWVLQEOdwJN58bbwWhy
EB69UmUtGi86aKZ5791u4Kn9nWLfWw1C
=PVkK
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to debian-security-announce-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
------------------ End sample message ------------------
--
Kevin L. Mitchell <klmitch@mit.edu>
------------------------- -. .---- --.. ..- -..- --------------------------
http://web.mit.edu/klmitch/www/ (PGP keys availiable from here)
RSA AE87D37D/1024: DE EA 1E 99 3F 2B F9 23 A0 D8 05 E0 6F BA B9 D2
DSS ED0DB34E/1024: D9BF 0E74 FDCB 43F5 C597 878F 9455 EC24 ED0D B34E
DH 2A2C31D4/2048: 1A77 4BA5 9E32 14AE 87DA 9FEC 7106 FC62 2A2C 31D4
