<<< Date Index >>>     <<< Thread Index >>>

Re: RFC2368 security patch status (Re: CVE-2006-3242 and a new mutt release)



On 2006-07-12 23:13:45 +0900, TAKAHASHI Tamotsu wrote:

> * Wed Jul 12 2006 Vincent Lefevre <vincent@xxxxxxxxxx>
> > Also, what's the status of the rfc2368sec patch?

> No progress.

Seems like that one got dropped, yes.

> I have been using rfc2368sec.5 for nearly one year
> and I have not found a bug in it.
> http://developer.momonga-linux.org/viewcvs/trunk/pkgs/mutt/patch-1.5.9.tamo.rfc2368sec.5?rev=6615
> 
> IIRC, Thomas prefers rfc2368sec.4:
> http://www.momonga-linux.org/~tamo/patch-1.5.9.tamo.rfc2368sec.4
> http://thread.gmane.org/gmane.mail.mutt.devel/7507/focus=7522

Looking at this, I guess I'd like to throw out the
OPTCONFIRMHEADERS part of it, and just stick to (a) prepending
the X-Mailto-URL-... (or maybe just X-Mailto) prefix, and (b)
overriding ask-cc and ask-bcc as the patch does.

Mind preparing a version that does this?

-- 
Thomas Roessler · Personal soap box at <http://log.does-not-exist.org/>.