[Bug 1246039] [NEW] Non-standard headers can leak sender information to anonymous lists.
Public bug reported: Various MUAs, MTAs and MDAs can add non-standard X- headers to messages, e.g. X-Envelope-Sender, that might reveal sender information in posts to anonymous lists. Since it is not possible to know what all these headers might be, it is not possible to explicitly remove them. Thus, we will instead use a configurable list of headers to keep and remove the rest. ** Affects: mailman Importance: High Assignee: Mark Sapiro (msapiro) Status: Fix Committed ** Tags: mailman3 -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1246039 Title: Non-standard headers can leak sender information to anonymous lists. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1246039/+subscriptions
** Branch linked: lp:mailman/2.1 -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1246039 Title: Non-standard headers can leak sender information to anonymous lists. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1246039/+subscriptions
** Changed in: mailman Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1246039 Title: Non-standard headers can leak sender information to anonymous lists. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1246039/+subscriptions
participants (2)
-
Launchpad Bug Tracker -
Mark Sapiro