diff -c --recursive ../inn1.4/README ./README *** ../inn1.4/README Thu Mar 18 16:12:26 1993 --- ./README Wed Dec 22 10:23:59 1993 *************** *** 1,3 **** --- 1,15 ---- + Wed Dec 22 09:46:22 EST 1993 + + This is INN1.4-sec. It is INN1.4 with a security patch installed. + Without this patch, any control messages that get mailed can, on many + systems, end up invoking any command as the news admin. This is + more properly a bug in mail (the UCB Mail program), but INN should not + let itself be vunerable to it. + + This patch (except for the include/patchlevel.h date change and this + note in the README) will be part of INN1.5. + /r$ + $Revision: 1.28 $ InterNetNews -- the Internet meets Netnews diff -c --recursive ../inn1.4/include/patchlevel.h ./include/patchlevel.h *** ../inn1.4/include/patchlevel.h Thu Mar 18 16:04:16 1993 --- ./include/patchlevel.h Wed Dec 22 09:43:52 1993 *************** *** 368,374 **** */ #define RELEASE "1" #define PATCHLEVEL "4" ! #define DATE "20-Mar-93" /* --- 368,374 ---- */ #define RELEASE "1" #define PATCHLEVEL "4" ! #define DATE "22-Dec-93" /* diff -c --recursive ../inn1.4/samples/checkgroups ./samples/checkgroups *** ../inn1.4/samples/checkgroups Thu Mar 18 16:04:46 1993 --- ./samples/checkgroups Wed Dec 22 09:46:41 1993 *************** *** 21,27 **** echo "${CONTROLPROGS}/docheckgroups <<-EOF-" ${SED} -e '1,/^$/d' <${ARTICLE} echo '-EOF-' ! ) | ${MAILCMD} -s "checkgroups by ${FROM}" ${NEWSMASTER} ;; doit) ${SED} -e '1,/^$/d' <${ARTICLE} \ --- 21,27 ---- echo "${CONTROLPROGS}/docheckgroups <<-EOF-" ${SED} -e '1,/^$/d' <${ARTICLE} echo '-EOF-' ! ) | sed -e 's/^~/~~/' | ${MAILCMD} -s "checkgroups by ${FROM}" ${NEWSMASTER} ;; doit) ${SED} -e '1,/^$/d' <${ARTICLE} \ diff -c --recursive ../inn1.4/samples/default ./samples/default *** ../inn1.4/samples/default Fri Jan 29 11:52:08 1993 --- ./samples/default Wed Dec 22 09:46:44 1993 *************** *** 10,17 **** case ${ACTION} in mail) ! 
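Review bot: The added filter in samples/checkgroups calls bare `sed`, while the context line two above it uses the configured `${SED}`. These control scripts run as the news administrator, so the escaping step should not depend on whichever `sed` comes first in PATH. I would write it as `) | ${SED} -e 's/^~/~~/' | ${MAILCMD} -s "checkgroups by ${FROM}" ${NEWSMASTER}`. The same applies to the new `sed` calls in samples/default, ihave, rmgroup, sendme, sendsys, senduuname, version and writelog, assuming `${SED}` is defined for those scripts too (its definition is outside the hunks shown). The enclosing `case` starts and ends outside the hunk.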
${MAILCMD} -s "Unknown control message by ${FROM}" \ ! ${NEWSMASTER} <${ARTICLE} ;; doit|logit) ${WRITELOG} ${LOGFILE} "Unknown control message by ${FROM}" \ --- 10,17 ---- case ${ACTION} in mail) ! sed -e 's/^~/~~/' <${ARTICLE} \ ! | ${MAILCMD} -s "Unknown control message by ${FROM}" ${NEWSMASTER} ;; doit|logit) ${WRITELOG} ${LOGFILE} "Unknown control message by ${FROM}" \ diff -c --recursive ../inn1.4/samples/ihave ./samples/ihave *** ../inn1.4/samples/ihave Tue Oct 13 15:22:00 1992 --- ./samples/ihave Wed Dec 22 09:46:47 1993 *************** *** 9,15 **** case ${ACTION} in mail) ! ${MAILCMD} -s "ihave by ${FROM}" ${NEWSMASTER} <${ARTICLE} ;; doit) ## Scan the message body for articles we don't have. --- 9,16 ---- case ${ACTION} in mail) ! sed -e 's/^~/~~/' <${ARTICLE} \ ! | ${MAILCMD} -s "ihave by ${FROM}" ${NEWSMASTER} ;; doit) ## Scan the message body for articles we don't have. diff -c --recursive ../inn1.4/samples/rmgroup ./samples/rmgroup *** ../inn1.4/samples/rmgroup Thu Mar 18 16:05:00 1993 --- ./samples/rmgroup Wed Dec 22 09:46:55 1993 *************** *** 21,27 **** echo " ${NEWSBIN}/ctlinnd rmgroup ${P1}" echo '' echo 'The full article was:' ! cat ${ARTICLE} ) | ${MAILCMD} -s "rmgroup $1 by ${FROM}" ${NEWSMASTER} exit ;; --- 21,27 ---- echo " ${NEWSBIN}/ctlinnd rmgroup ${P1}" echo '' echo 'The full article was:' ! sed -e 's/^~/~~/' ${ARTICLE} ) | ${MAILCMD} -s "rmgroup $1 by ${FROM}" ${NEWSMASTER} exit ;; diff -c --recursive ../inn1.4/samples/sendme ./samples/sendme *** ../inn1.4/samples/sendme Tue Oct 13 15:22:13 1992 --- ./samples/sendme Wed Dec 22 09:46:57 1993 *************** *** 9,15 **** case ${ACTION} in mail) ! ${MAILCMD} -s "sendme by ${FROM}" ${NEWSMASTER} <${ARTICLE} ;; doit) ## Scan the message body. --- 9,16 ---- case ${ACTION} in mail) ! sed -e 's/^~/~~/' <${ARTICLE} \ ! | ${MAILCMD} -s "sendme by ${FROM}" ${NEWSMASTER} ;; doit) ## Scan the message body. 
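Review bot: In samples/rmgroup the escape is applied only to the article (`sed -e 's/^~/~~/' ${ARTICLE}` inside the subshell), whereas checkgroups, sendsys, senduuname and version filter the whole subshell output after the closing `)`. The `echo` lines visible here begin with fixed text, so nothing is exposed today, but a later line that begins with message-derived data would bypass the filter. Keeping `cat ${ARTICLE}` and changing the last line to `) | sed -e 's/^~/~~/' | ${MAILCMD} -s "rmgroup $1 by ${FROM}" ${NEWSMASTER}` would make the placement uniform. The start of the subshell is outside the hunk, so the earlier `echo` lines could not be checked.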
diff -c --recursive ../inn1.4/samples/sendsys ./samples/sendsys *** ../inn1.4/samples/sendsys Tue Oct 13 15:22:13 1992 --- ./samples/sendsys Wed Dec 22 09:47:00 1993 *************** *** 29,35 **** echo '' echo 'The full article was:' cat ${ARTICLE} ! ) | ${MAILCMD} -s "sendsys by ${FROM}" ${NEWSMASTER} ;; logit) ${WRITELOG} ${LOGFILE} "sendsys by ${FROM}; reply skipped" <${ARTICLE} --- 29,35 ---- echo '' echo 'The full article was:' cat ${ARTICLE} ! ) | sed -e 's/^~/~~/' | ${MAILCMD} -s "sendsys by ${FROM}" ${NEWSMASTER} ;; logit) ${WRITELOG} ${LOGFILE} "sendsys by ${FROM}; reply skipped" <${ARTICLE} *************** *** 38,52 **** case "$1" in "") ${MAILCMD} -s "${SUBJECT}" ${REPLYTO} <${NEWSFEEDS} ! ${MAILCMD} -s "sendsys by ${FROM}; reply sent" ${NEWSMASTER} <${ARTICLE} ;; *) ${AWK} "/^$1"'[/:\\]/,/[^\\]$/' ${NEWSFEEDS} >${TEMP} trap 'rm -f ${TEMP} ; exit' 1 2 3 15 if [ -s ${TEMP} ] ; then ${MAILCMD} -s "${SUBJECT} for $1" ${REPLYTO} <${TEMP} ! ${MAILCMD} -s "sendsys $1 by ${FROM}; reply sent" \ ! ${NEWSMASTER} <${ARTICLE} fi rm -f ${TEMP} ;; --- 38,54 ---- case "$1" in "") ${MAILCMD} -s "${SUBJECT}" ${REPLYTO} <${NEWSFEEDS} ! sed -e 's/^~/~~/' <${ARTICLE} \ ! | ${MAILCMD} -s "sendsys by ${FROM}; reply sent" ${NEWSMASTER} ;; *) ${AWK} "/^$1"'[/:\\]/,/[^\\]$/' ${NEWSFEEDS} >${TEMP} trap 'rm -f ${TEMP} ; exit' 1 2 3 15 if [ -s ${TEMP} ] ; then ${MAILCMD} -s "${SUBJECT} for $1" ${REPLYTO} <${TEMP} ! sed -e 's/^~/~~/' <${ARTICLE} \ ! | ${MAILCMD} -s "sendsys $1 by ${FROM}; reply sent" \ ! ${NEWSMASTER} fi rm -f ${TEMP} ;; diff -c --recursive ../inn1.4/samples/senduuname ./samples/senduuname *** ../inn1.4/samples/senduuname Tue Oct 13 15:22:13 1992 --- ./samples/senduuname Wed Dec 22 09:47:03 1993 *************** *** 17,23 **** echo " uuname | ${MAILCMD} -s \"${SUBJECT}\" ${FROM}" echo 'The full article was:' cat ${ARTICLE} ! 
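Review bot: In the second samples/sendsys hunk only the notifications to `${NEWSMASTER}` are escaped. The two replies, `${MAILCMD} -s "${SUBJECT}" ${REPLYTO} <${NEWSFEEDS}` and `${MAILCMD} -s "${SUBJECT} for $1" ${REPLYTO} <${TEMP}`, still feed a file straight into the mailer. That input is the local newsfeeds file rather than the remote article, so the exposure is much smaller, but a line there beginning with `~` would be interpreted the same way. The filter is cheap: `sed -e 's/^~/~~/' <${TEMP} | ${MAILCMD} -s "${SUBJECT} for $1" ${REPLYTO}`, and likewise for `${NEWSFEEDS}`. `${REPLYTO}` is also passed unquoted; whether it is validated depends on code outside this diff and is worth confirming.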
) | ${MAILCMD} -s "senduuname by ${FROM}" ${NEWSMASTER} ;; logit) ${WRITELOG} ${LOGFILE} "senduuname by ${FROM}; reply skipped" <${ARTICLE} --- 17,23 ---- echo " uuname | ${MAILCMD} -s \"${SUBJECT}\" ${FROM}" echo 'The full article was:' cat ${ARTICLE} ! ) | sed -e 's/^~/~~/' | ${MAILCMD} -s "senduuname by ${FROM}" ${NEWSMASTER} ;; logit) ${WRITELOG} ${LOGFILE} "senduuname by ${FROM}; reply skipped" <${ARTICLE} diff -c --recursive ../inn1.4/samples/version ./samples/version *** ../inn1.4/samples/version Thu Mar 18 16:05:06 1993 --- ./samples/version Wed Dec 22 09:47:06 1993 *************** *** 7,13 **** ## =()<. @<_PATH_PARSECTL>@ "$@">()= . /news/bin/control/parsecontrol "$@" ! VERSION="INN 1.4" WHERE=`innconfval pathhost` --- 7,13 ---- ## =()<. @<_PATH_PARSECTL>@ "$@">()= . /news/bin/control/parsecontrol "$@" ! VERSION="INN 1.4-sec" WHERE=`innconfval pathhost` *************** *** 21,27 **** echo " echo InterNetNews ${VERSION} | ${MAILCMD} -s \"${SUBJECT}\" ${FROM}" echo 'The full article was:' cat ${ARTICLE} ! ) | ${MAILCMD} -s "version by ${FROM}" ${NEWSMASTER} ;; logit) ${WRITELOG} ${LOGFILE} "version by ${FROM}; reply skipped" <${ARTICLE} --- 21,27 ---- echo " echo InterNetNews ${VERSION} | ${MAILCMD} -s \"${SUBJECT}\" ${FROM}" echo 'The full article was:' cat ${ARTICLE} ! ) | sed -e 's/^~/~~/' | ${MAILCMD} -s "version by ${FROM}" ${NEWSMASTER} ;; logit) ${WRITELOG} ${LOGFILE} "version by ${FROM}; reply skipped" <${ARTICLE} diff -c --recursive ../inn1.4/samples/writelog ./samples/writelog *** ../inn1.4/samples/writelog Thu Mar 18 16:05:08 1993 --- ./samples/writelog Wed Dec 22 09:47:09 1993 *************** *** 26,32 **** exit 0 ;; Xmail) ! ${MAILCMD} -s "${MESSAGE}" ${NEWSMASTER} exit 0 ;; esac --- 26,32 ---- exit 0 ;; Xmail) ! sed -e 's/^~/~~/' | ${MAILCMD} -s "${MESSAGE}" ${NEWSMASTER} exit 0 ;; esac
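Review bot: The new `sed -e 's/^~/~~/'` in the `Xmail)` branch of samples/writelog carries no comment, so the filter reads like a no-op that a later cleanup could remove. A line such as `## Double a leading "~" so the mailer does not treat message lines as tilde escapes.` above the pipeline would record the reason; the sample scripts already use `##` comments. The same comment would help at the other call sites this patch touches. The enclosing `case` begins outside the hunk.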