Bump dawidd6/action-send-mail from 3.4.1 to 3.6.1 #9

dependabot · 2022-06-14T18:40:58Z

Bumps dawidd6/action-send-mail from 3.4.1 to 3.6.1.

Commits

6d23605 main: set filename of attachments
f5b1987 build(deps): bump @actions/glob from 0.2.0 to 0.2.1 (#97)
9020e79 Document Gmail App password, since Less Secure Access is going away (#98)
ba46013 Add ability to set In-Reply-To tag (#81)
fd76768 Add less secure apps link (#77)
4ef78fc Adding CID tags for attachments (#75)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [dawidd6/action-send-mail](https://github.com/dawidd6/action-send-mail) from 3.4.1 to 3.6.1. - [Release notes](https://github.com/dawidd6/action-send-mail/releases) - [Commits](dawidd6/action-send-mail@v3.4.1...v3.6.1) --- updated-dependencies: - dependency-name: dawidd6/action-send-mail dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Ran into this when using to_port(getenv(...)). It crashes under ASAN, but not sure if that's because strtol() is intercepted. Testing CI ``` ================================================================= ==2832157==ERROR: AddressSanitizer: global-buffer-overflow on address 0x55d178a21121 at pc 0x7f5df300127c bp 0x7fffcb3b83b0 sp 0x7fffcb3b7b60 READ of size 1 at 0x55d178a21121 thread T0 #0 0x7f5df300127b in __interceptor_strcmp ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:446 #1 0x55d179d8b954 in zeek::util::streq(char const*, char const*) ../src/util.cc:1107 #2 0x55d17a18d0cd in zeek::BifFunc::to_port_bif(zeek::detail::Frame*, std::vector<zeek::IntrusivePtr<zeek::Val>, std::allocator<zeek::IntrusivePtr<zeek::Val> > > const*) <...>/zeek/build/zeek.bif:2888 #3 0x55d17a16a99b in zeek::detail::BuiltinFunc::Invoke(std::vector<zeek::IntrusivePtr<zeek::Val>, std::allocator<zeek::IntrusivePtr<zeek::Val> > >*, zeek::detail::Frame*) const ../src/Func.cc:706 #4 0x55d17a07b7f3 in zeek::detail::CallExpr::Eval(zeek::detail::Frame*) const ../src/Expr.cc:4709 #5 0x55d17a339bce in zeek::detail::ExprStmt::Exec(zeek::detail::Frame*, zeek::detail::StmtFlowType&) ../src/Stmt.cc:427 #6 0x55d17a33ab6f in zeek::detail::StmtList::Exec(zeek::detail::Frame*, zeek::detail::StmtFlowType&) ../src/Stmt.cc:1649 #7 0x55d179e78b9c in zeek::detail::setup(int, char**, zeek::Options*) ../src/zeek-setup.cc:1063 #8 0x55d17bcfd18d in main ../src/main.cc:13 #9 0x7f5df268cd09 in __libc_start_main ../csu/libc-start.c:308 #10 0x55d179ade2a9 in _start (<...>/zeek/build/src/zeek+0x346c2a9) 0x55d178a21121 is located 63 bytes to the left of global variable '*.LC3' defined in '../src/ZeekString.cc' (0x55d178a21160) of size 11 '*.LC3' is ascii string 'ZeekString' 0x55d178a21121 is located 0 bytes to the right of global variable '*.LC2' defined in '../src/ZeekString.cc' (0x55d178a21120) of size 1 '*.LC2' is ascii string '' SUMMARY: AddressSanitizer: global-buffer-overflow ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:446 in __interceptor_strcmp Shadow bytes around the buggy address: 0x0abaaf13c1d0: f9 f9 f9 f9 00 00 00 00 06 f9 f9 f9 f9 f9 f9 f9 0x0abaaf13c1e0: 00 00 04 f9 f9 f9 f9 f9 00 06 f9 f9 f9 f9 f9 f9 0x0abaaf13c1f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 02 f9 f9 0x0abaaf13c200: f9 f9 f9 f9 00 00 05 f9 f9 f9 f9 f9 00 06 f9 f9 0x0abaaf13c210: f9 f9 f9 f9 00 00 00 02 f9 f9 f9 f9 00 00 f9 f9 =>0x0abaaf13c220: f9 f9 f9 f9[01]f9 f9 f9 f9 f9 f9 f9 00 03 f9 f9 0x0abaaf13c230: f9 f9 f9 f9 00 05 f9 f9 f9 f9 f9 f9 00 00 00 02 0x0abaaf13c240: f9 f9 f9 f9 00 00 07 f9 f9 f9 f9 f9 00 02 f9 f9 0x0abaaf13c250: f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 05 f9 f9 f9 0x0abaaf13c260: f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 0x0abaaf13c270: f9 f9 f9 f9 00 00 02 f9 f9 f9 f9 f9 00 00 00 07 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb Shadow gap: cc ==2832157==ABORTING ```

Ran into this when using to_port(getenv(...)) for an undefined/empty environment variable. ASAN doesn't like that the slash variable ends up being access behind the string. ``` ================================================================= ==2832157==ERROR: AddressSanitizer: global-buffer-overflow on address 0x55d178a21121 at pc 0x7f5df300127c bp 0x7fffcb3b83b0 sp 0x7fffcb3b7b60 READ of size 1 at 0x55d178a21121 thread T0 #0 0x7f5df300127b in __interceptor_strcmp ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:446 #1 0x55d179d8b954 in zeek::util::streq(char const*, char const*) ../src/util.cc:1107 #2 0x55d17a18d0cd in zeek::BifFunc::to_port_bif(zeek::detail::Frame*, std::vector<zeek::IntrusivePtr<zeek::Val>, std::allocator<zeek::IntrusivePtr<zeek::Val> > > const*) <...>/zeek/build/zeek.bif:2888 #3 0x55d17a16a99b in zeek::detail::BuiltinFunc::Invoke(std::vector<zeek::IntrusivePtr<zeek::Val>, std::allocator<zeek::IntrusivePtr<zeek::Val> > >*, zeek::detail::Frame*) const ../src/Func.cc:706 #4 0x55d17a07b7f3 in zeek::detail::CallExpr::Eval(zeek::detail::Frame*) const ../src/Expr.cc:4709 #5 0x55d17a339bce in zeek::detail::ExprStmt::Exec(zeek::detail::Frame*, zeek::detail::StmtFlowType&) ../src/Stmt.cc:427 #6 0x55d17a33ab6f in zeek::detail::StmtList::Exec(zeek::detail::Frame*, zeek::detail::StmtFlowType&) ../src/Stmt.cc:1649 #7 0x55d179e78b9c in zeek::detail::setup(int, char**, zeek::Options*) ../src/zeek-setup.cc:1063 #8 0x55d17bcfd18d in main ../src/main.cc:13 #9 0x7f5df268cd09 in __libc_start_main ../csu/libc-start.c:308 #10 0x55d179ade2a9 in _start (<...>/zeek/build/src/zeek+0x346c2a9) 0x55d178a21121 is located 63 bytes to the left of global variable '*.LC3' defined in '../src/ZeekString.cc' (0x55d178a21160) of size 11 '*.LC3' is ascii string 'ZeekString' 0x55d178a21121 is located 0 bytes to the right of global variable '*.LC2' defined in '../src/ZeekString.cc' (0x55d178a21120) of size 1 '*.LC2' is ascii string '' SUMMARY: AddressSanitizer: global-buffer-overflow ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:446 in __interceptor_strcmp Shadow bytes around the buggy address: 0x0abaaf13c1d0: f9 f9 f9 f9 00 00 00 00 06 f9 f9 f9 f9 f9 f9 f9 0x0abaaf13c1e0: 00 00 04 f9 f9 f9 f9 f9 00 06 f9 f9 f9 f9 f9 f9 0x0abaaf13c1f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 02 f9 f9 0x0abaaf13c200: f9 f9 f9 f9 00 00 05 f9 f9 f9 f9 f9 00 06 f9 f9 0x0abaaf13c210: f9 f9 f9 f9 00 00 00 02 f9 f9 f9 f9 00 00 f9 f9 =>0x0abaaf13c220: f9 f9 f9 f9[01]f9 f9 f9 f9 f9 f9 f9 00 03 f9 f9 0x0abaaf13c230: f9 f9 f9 f9 00 05 f9 f9 f9 f9 f9 f9 00 00 00 02 0x0abaaf13c240: f9 f9 f9 f9 00 00 07 f9 f9 f9 f9 f9 00 02 f9 f9 0x0abaaf13c250: f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 05 f9 f9 f9 0x0abaaf13c260: f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 0x0abaaf13c270: f9 f9 f9 f9 00 00 02 f9 f9 f9 f9 f9 00 00 00 07 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb Shadow gap: cc ==2832157==ABORTING ```

dependabot bot added the dependencies Pull requests that update a dependency file label Jun 14, 2022

zeek-bot force-pushed the dependabot/github_actions/dawidd6/action-send-mail-3.6.1 branch from 25c0fb2 to 72ad9a5 Compare June 14, 2022 19:00

zeek-bot force-pushed the dependabot/github_actions/dawidd6/action-send-mail-3.6.1 branch from 72ad9a5 to e2ccef6 Compare June 14, 2022 22:00

Fix pattern matching in Cirrus dependabot check

c3d1f6f

zeek-bot merged commit 073f16a into master Jun 14, 2022

zeek-bot deleted the dependabot/github_actions/dawidd6/action-send-mail-3.6.1 branch June 14, 2022 23:00

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump dawidd6/action-send-mail from 3.4.1 to 3.6.1 #9

Bump dawidd6/action-send-mail from 3.4.1 to 3.6.1 #9

dependabot bot commented on behalf of github Jun 14, 2022

Bump dawidd6/action-send-mail from 3.4.1 to 3.6.1 #9

Bump dawidd6/action-send-mail from 3.4.1 to 3.6.1 #9

Conversation

dependabot bot commented on behalf of github Jun 14, 2022