[Bug 266220] Re: Approved: only removed from text/plain part
266220 at bugs.launchpad.net
Tue Oct 11 20:52:24 CEST 2011
I believe all I did in that case was to copy and paste the "Approved"
line from a previous email I sent, and it somehow got mutilated with
I think rejection if you find the password in the stripped-out HTML part
is a great idea. The dangerous part of this bug is that a failure in
parsing can lead to an admin password being broadcast over email to
hundreds of people. It seems like Mailman should either require the
header or plain-text email and not even allow HTML emails, or ensure
(via some liberal matching) that the password isn't going to get sent
out if parsing fails.
You received this bug notification because you are a member of Mailman
Coders, which is subscribed to GNU Mailman.
Approved: only removed from text/plain part
To manage notifications about this bug go to:
More information about the Mailman-coders