Your message dated Sat, 10 Sep 2022 13:40:55 +0100 with message-id <2cfc9645343bdb910fe19c07bddfec2c428346a3.camel@adam-barratt.org.uk> and subject line Closing requests for updates included in 10.13 has caused the Debian Bug report #1016439, regarding buster-pu: package procmail/3.22-26+deb10u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 1016439: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016439 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: buster-pu: package procmail/3.22-26+deb10u1
- From: Santiago Vila <sanvila@unex.es>
- Date: Sun, 31 Jul 2022 20:31:32 +0200
- Message-id: <dc542f98-444f-0160-0c40-e380013b2b0c@unex.es>
Package: release.debian.org Severity: normal Tags: buster User: release.debian.org@packages.debian.org Usertags: pu X-Debbugs-Cc: sanvila@debian.org Dear release managers:I've applied this small procmail fix to buster as well, hopefully to be part of the next point release, whenever it will be.This was done to bullseye previously: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014221 As in the bullseye case, this is the type of bug I don't want to see in stable or oldstable. The debdiff is attached. Thanks.diff -Nru procmail-3.22/debian/changelog procmail-3.22/debian/changelog --- procmail-3.22/debian/changelog 2017-11-16 23:42:36.000000000 +0100 +++ procmail-3.22/debian/changelog 2022-07-31 20:10:00.000000000 +0200 @@ -1,3 +1,11 @@ +procmail (3.22-26+deb10u1) buster; urgency=medium + + * Fix NULL pointer dereference. Closes: #769938. + Reported by Jakub Wilk using American Fuzzy Lop. + Patch from Stephen R. van den Berg. + + -- Santiago Vila <sanvila@debian.org> Sun, 31 Jul 2022 20:10:00 +0200 + procmail (3.22-26) unstable; urgency=medium * Fix buffer overflow in loadbuf(). Closes: #876511. diff -Nru procmail-3.22/debian/patches/31 procmail-3.22/debian/patches/31 --- procmail-3.22/debian/patches/31 1970-01-01 01:00:00.000000000 +0100 +++ procmail-3.22/debian/patches/31 2022-07-31 19:32:00.000000000 +0200 @@ -0,0 +1,19 @@ +From: Stephen R. van den Berg <srb@cuci.nl> +Subject: Cater for mails containing an incomplete From_ line. +Bug-Debian: http://bugs.debian.org/769938 +X-Debian-version: 3.22-27 + +--- a/src/from.c ++++ b/src/from.c +@@ -117,7 +117,10 @@ + themail.p[extra]='\0'; /* terminate it for strchr */ + } + while(!(rstart=strchr(themail.p,'\n'))); +- extra=rstart?extra-(++rstart-themail.p):0; ++ if (rstart) ++ extra -= ++rstart - themail.p; ++ else ++ extra = 0, rstart = themail.p; + } + else + { size_t tfrl= ++rstart-themail.p; /* length of existing From_ line */ diff -Nru procmail-3.22/debian/patches/series procmail-3.22/debian/patches/series --- procmail-3.22/debian/patches/series 2017-11-16 23:41:45.000000000 +0100 +++ procmail-3.22/debian/patches/series 2022-07-31 19:00:00.000000000 +0200 @@ -29,3 +29,4 @@ 28 29 30 +31
--- End Message ---
--- Begin Message ---
- To: 941901-done@bugs.debian.org, 945578-done@bugs.debian.org, 960396-done@bugs.debian.org, 966028-done@bugs.debian.org, 983841-done@bugs.debian.org, 987538-done@bugs.debian.org, 987941-done@bugs.debian.org, 990372-done@bugs.debian.org, 990739-done@bugs.debian.org, 991120-done@bugs.debian.org, 998390-done@bugs.debian.org, 1003293-done@bugs.debian.org, 1006182-done@bugs.debian.org, 1008056-done@bugs.debian.org, 1008062-done@bugs.debian.org, 1008154-done@bugs.debian.org, 1008163-done@bugs.debian.org, 1008578-done@bugs.debian.org, 1009065-done@bugs.debian.org, 1009076-done@bugs.debian.org, 1009251-done@bugs.debian.org, 1009652-done@bugs.debian.org, 1010060-done@bugs.debian.org, 1010193-done@bugs.debian.org, 1010305-done@bugs.debian.org, 1010380-done@bugs.debian.org, 1010388-done@bugs.debian.org, 1010615-done@bugs.debian.org, 1010858-done@bugs.debian.org, 1011030-done@bugs.debian.org, 1011272-done@bugs.debian.org, 1011286-done@bugs.debian.org, 1011360-done@bugs.debian.org, 1011745-done@bugs.debian.org, 1011943-done@bugs.debian.org, 1012048-done@bugs.debian.org, 1012066-done@bugs.debian.org, 1013347-done@bugs.debian.org, 1014145-done@bugs.debian.org, 1014200-done@bugs.debian.org, 1014346-done@bugs.debian.org, 1014860-done@bugs.debian.org, 1014907-done@bugs.debian.org, 1014909-done@bugs.debian.org, 1014912-done@bugs.debian.org, 1015243-done@bugs.debian.org, 1016169-done@bugs.debian.org, 1016176-done@bugs.debian.org, 1016198-done@bugs.debian.org, 1016439-done@bugs.debian.org, 1016671-done@bugs.debian.org, 1016733-done@bugs.debian.org, 1017112-done@bugs.debian.org, 1017393-done@bugs.debian.org, 1017998-done@bugs.debian.org, 1018048-done@bugs.debian.org, 1018080-done@bugs.debian.org, 1018086-done@bugs.debian.org, 1018092-done@bugs.debian.org, 1018095-done@bugs.debian.org, 1018096-done@bugs.debian.org, 1018097-done@bugs.debian.org, 1018101-done@bugs.debian.org, 1018107-done@bugs.debian.org, 1018108-done@bugs.debian.org, 1018151-done@bugs.debian.org, 1018152-done@bugs.debian.org, 1018178-done@bugs.debian.org, 1018179-done@bugs.debian.org, 1018182-done@bugs.debian.org, 1018184-done@bugs.debian.org, 1018185-done@bugs.debian.org, 1018199-done@bugs.debian.org, 1018241-done@bugs.debian.org, 1018244-done@bugs.debian.org, 1018246-done@bugs.debian.org, 1018250-done@bugs.debian.org
- Subject: Closing requests for updates included in 10.13
- From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Date: Sat, 10 Sep 2022 13:40:55 +0100
- Message-id: <2cfc9645343bdb910fe19c07bddfec2c428346a3.camel@adam-barratt.org.uk>
Package: release.debian.org Version: 10.13 Hi, Each of the updates referenced in these bugs was included in today's 10.13 point release. Regards, Adam
--- End Message ---