Security hole? (was: 1.5.12 release date?)

To: mutt-dev@xxxxxxxx
Subject: Security hole? (was: 1.5.12 release date?)
From: Vincent Lefevre <vincent@xxxxxxxxxx>
Date: Thu, 2 Mar 2006 16:53:34 +0100
In-reply-to: <20060302154054.GC14453@xxxxxxxxxx>
List-unsubscribe: <mailto:mutt-dev-request@mutt.org?Subject="Unsubscribe Mutt Dev"?body=unsubscribe>
Mail-followup-to: mutt-dev@xxxxxxxx
References: <20060302140253.GC19899@xxxxxxxxxxxxx> <20060302154054.GC14453@xxxxxxxxxx>
Sender: owner-mutt-dev@xxxxxxxx
User-agent: Mutt/1.5.11-vl-20060302

On 2006-03-02 10:40:54 -0500, Derek Martin wrote:
> Or perhaps a stable release... 1.6 maybe?

First, it seems that bug 2173 I reported several weeks ago is
a security hole, as it allows some form of header spoofing.
The user must be vigilant about this problem.

Try on the attached mailbox... Look at the headers displayed
in the pager and when replying with $edit_headers set.

This bug should be fixed before a stable release.

-- 
Vincent Lefèvre <vincent@xxxxxxxxxx> - Web: <http://www.vinc17.org/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.org/blog/>
Work: CR INRIA - computer arithmetic / SPACES project at LORIA

>From a@xxxxxxxxx Thu Mar  2 15:15:36 2006
From: a@xxxxxxxxx
To: a@xxxxxxxxx
Subject: =?UTF-8?Q?Test_for_Mutt_bug_2173=0D=0ACc:_c@xxxxxxxxx?=
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Test for Mutt bug 2173:

  
http://bugs.mutt.org/cgi-bin/gnatsweb.pl?debug=&database=mutt&cmd=view+audit-trail&cmd=view&pr=2173

Possible header spoofing in pager display and in replies with $edit_headers.

References:
- 1.5.12 release date?
  - From: Luke Ross
- Re: 1.5.12 release date?
  - From: Derek Martin

Prev by Date: browser new mail count
Next by Date: Re: browser new mail count
Previous by thread: Re: 1.5.12 release date?
Next by thread: Re: 1.5.12 release date?
Index(es):
- Date
- Thread