https://bugzilla.redhat.com/show_bug.cgi?id=1835353
Bug ID: 1835353
Summary: rubygem-mail: Out of memory issue through nested MIME
parts
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: psampaio(a)redhat.com
CC: akarol(a)redhat.com, alexl(a)redhat.com,
bbuckingham(a)redhat.com, bcourt(a)redhat.com,
bkearney(a)redhat.com, btotty(a)redhat.com,
caillon+fedoraproject(a)gmail.com, caolanm(a)redhat.com,
dmetzger(a)redhat.com, gmccullo(a)redhat.com,
gnome-sig(a)lists.fedoraproject.org,
gtanzill(a)redhat.com, hhudgeon(a)redhat.com,
jfrey(a)redhat.com, jhardy(a)redhat.com,
john.j5live(a)gmail.com, jose.p.oliveira.oss(a)gmail.com,
lzap(a)redhat.com, mclasen(a)redhat.com,
mmccune(a)redhat.com, nmoumoul(a)redhat.com,
obarenbo(a)redhat.com, paul(a)city-fan.org,
perl-devel(a)lists.fedoraproject.org, rchan(a)redhat.com,
rhughes(a)redhat.com, rjerrido(a)redhat.com,
rob.myers(a)gtri.gatech.edu, roliveri(a)redhat.com,
rstrode(a)redhat.com, sandmann(a)redhat.com,
simaishi(a)redhat.com, smallamp(a)redhat.com,
sokeeffe(a)redhat.com, tbrisker(a)redhat.com,
tcallawa(a)redhat.com, vondruch(a)redhat.com,
walter.pete(a)yandex.com, xavier(a)bachelot.org
Target Milestone: ---
Classification: Other
A possible DoS issue may affect several MIME parsers. Messages with too many
tiny nested MIME parts can lead to memory exhaustion on split().
References:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960064
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960062
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960159
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960158
--
You are receiving this mail because:
You are on the CC list for the bug.