[Mailman-Users] Emergency mail to everyone?
Mark Sapiro
msapiro at value.net
Wed Jan 17 18:08:04 CET 2007
David Lee wrote:
>
>If the inbound email contains not only the plain text message but also its
> equivalent in HTML
>and if the "Approved:" is specified as the first line of the body rather
> than as a header
>then
> the password is in danger of leaking outbound, being stripped only from
> the plain version but not from the HTML version where it could persist.
>endif
This was bug 1181161 which was fixed in Mailman 2.1.7, but there can
still be problems if 'Approved: password' gets split across lines in
quoted printable encoded alternative parts or gets base64 encoded.
It's on my list to fix these issues.
--
Mark Sapiro <msapiro at value.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list