From 01b0cc92e582f90e466874b1b30fe1cff07c7c5d Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 28 Jul 2020 07:06:37 -0400 Subject: [PATCH] import mailman-2.1.29-10.module+el8.3.0+6860+8e47d84b --- SOURCES/mailman-CVE-2020-12137.patch | 14 +++++ SOURCES/mailman-bouncer_oom_crash.patch | 78 +++++++++++++++++++++++++ SOURCES/mailman-tmpfiles.conf | 2 +- SPECS/mailman.spec | 28 +++++++-- 4 files changed, 115 insertions(+), 7 deletions(-) create mode 100644 SOURCES/mailman-CVE-2020-12137.patch create mode 100644 SOURCES/mailman-bouncer_oom_crash.patch diff --git a/SOURCES/mailman-CVE-2020-12137.patch b/SOURCES/mailman-CVE-2020-12137.patch new file mode 100644 index 0000000..09d4bc2 --- /dev/null +++ b/SOURCES/mailman-CVE-2020-12137.patch @@ -0,0 +1,14 @@ +=== modified file 'Mailman/Handlers/Scrubber.py' +--- Mailman/Handlers/Scrubber.py 2018-06-17 23:47:34 +0000 ++++ Mailman/Handlers/Scrubber.py 2018-11-10 18:57:54 +0000 +@@ -87,6 +87,9 @@ + all = guess_all_extensions(ctype, strict=False) + if ext in all: + return ext ++ if ctype.lower == 'application/octet-stream': ++ # For this type, all[0] is '.obj'. '.bin' is better. ++ return '.bin' + return all and all[0] + + + diff --git a/SOURCES/mailman-bouncer_oom_crash.patch b/SOURCES/mailman-bouncer_oom_crash.patch new file mode 100644 index 0000000..54da0c9 --- /dev/null +++ b/SOURCES/mailman-bouncer_oom_crash.patch @@ -0,0 +1,78 @@ +--- Mailman/Bouncers/SimpleMatch.py 2018-06-17 23:47:34 +0000 ++++ Mailman/Bouncers/SimpleMatch.py 2020-01-17 00:03:34 +0000 +@@ -25,6 +25,9 @@ + def _c(pattern): + return re.compile(pattern, re.IGNORECASE) + ++# Pattern to match any valid email address and not much more. ++VALID = _c(r'[\x21-\x3d\x3f\x41-\x7e]+@[a-z0-9._]+') ++ + # This is a list of tuples of the form + # + # (start cre, end cre, address cre) +@@ -227,4 +230,4 @@ + break + if addrs: + break +- return addrs.keys() ++ return [x for x in addrs.keys() if VALID.match(x)] + +=== modified file 'Mailman/Bouncers/SimpleWarning.py' +--- Mailman/Bouncers/SimpleWarning.py 2018-06-17 23:47:34 +0000 ++++ Mailman/Bouncers/SimpleWarning.py 2020-01-17 00:03:34 +0000 +@@ -17,9 +17,10 @@ + + """Recognizes simple heuristically delimited warnings.""" + ++import email ++ + from Mailman.Bouncers.BouncerAPI import Stop + from Mailman.Bouncers.SimpleMatch import _c +-from Mailman.Bouncers.SimpleMatch import process as _process + + + +@@ -67,8 +68,25 @@ + + + def process(msg): +- if _process(msg, patterns): +- # It's a recognized warning so stop now +- return Stop +- else: +- return [] ++ # We used to just import process from SimpleMatch, but with the change in ++ # SimpleMatch to return only vaild addresses, that doesn't work any more. ++ # So, we copy most of the process from SimpleMatch here. ++ addrs = {} ++ for scre, ecre, acre in patterns: ++ state = 0 ++ for line in email.Iterators.body_line_iterator(msg, decode=True): ++ if state == 0: ++ if scre.search(line): ++ state = 1 ++ if state == 1: ++ mo = acre.search(line) ++ if mo: ++ addr = mo.group('addr') ++ if addr: ++ addrs[addr.strip('<>')] = 1 ++ elif ecre.search(line): ++ break ++ if addrs: ++ # It's a recognized warning so stop now ++ return Stop ++ return [] + +--- Mailman/Bouncers/SimpleMatch.py 2020-01-17 00:03:34 +0000 ++++ Mailman/Bouncers/SimpleMatch.py 2020-01-17 03:25:09 +0000 +@@ -26,7 +26,7 @@ + return re.compile(pattern, re.IGNORECASE) + + # Pattern to match any valid email address and not much more. +-VALID = _c(r'[\x21-\x3d\x3f\x41-\x7e]+@[a-z0-9._]+') ++VALID = _c(r'^[\x21-\x3d\x3f\x41-\x7e]+@[a-z0-9._]+$') + + # This is a list of tuples of the form + # + diff --git a/SOURCES/mailman-tmpfiles.conf b/SOURCES/mailman-tmpfiles.conf index 778868f..40ac77e 100644 --- a/SOURCES/mailman-tmpfiles.conf +++ b/SOURCES/mailman-tmpfiles.conf @@ -1,2 +1,2 @@ d /var/lock/mailman 0775 root mailman -d /var/run/mailman 0775 root mailman +d /run/mailman 0775 root mailman diff --git a/SPECS/mailman.spec b/SPECS/mailman.spec index 7e318af..301a343 100644 --- a/SPECS/mailman.spec +++ b/SPECS/mailman.spec @@ -3,7 +3,7 @@ Summary: Mailing list manager with built in Web access Name: mailman Version: 2.1.29 -Release: 4%{?dist} +Release: 10%{?dist} Epoch: 3 Group: Applications/Internet Source0: ftp://ftp.gnu.org/pub/gnu/mailman/mailman-%{version}.tgz @@ -29,6 +29,8 @@ Patch13: mailman-2.1.9-unicode.patch Patch21: mailman-2.1.13-env-python.patch Patch22: mailman-2.1.15-check_perms.patch Patch24: mailman-specify_python_version.patch +Patch25: mailman-CVE-2020-12137.patch +Patch26: mailman-bouncer_oom_crash.patch License: GPLv2+ @@ -118,6 +120,8 @@ additional installation steps, these are described in: %patch21 -p1 %patch22 -p1 %patch24 -p1 -b .python_version +%patch25 -p0 -b .cve_obj_mime +%patch26 -p0 -b .bouncer_match #cp $RPM_SOURCE_DIR/mailman.INSTALL.REDHAT.in INSTALL.REDHAT.in cp %{SOURCE5} INSTALL.REDHAT.in @@ -283,8 +287,6 @@ cat > %{buildroot}%{mmdir}/templates/README < - 3:2.1.29-10 +- Fix match patter to reduce false allocation + +* Mon May 25 2020 Pavel Zhukov - 3:2.1.29-9 +- Fix for CVE-2020-12137 + +* Wed May 6 2020 Pavel Zhukov - 3:2.1.29-8 +- Drop unversioned python from comments. + +* Wed May 6 2020 Pavel Zhukov - 3:2.1.29-7 +- Change attr of /etc/mailman + +* Thu Apr 23 2020 Pavel Zhukov - 3:2.1.29-6 +- Update run directory references (#1805954) +- fix #1188043 - set 2775 permission for /etc/mailman + * Mon Oct 8 2018 Pavel Zhukov - 3:2.1.29-4 - Resolves: #1636432 - Delete env python shebangs