Re: RFC2368 security patch status (Re: CVE-2006-3242 and a new mutt release)

To: mutt-dev@xxxxxxxx
Subject: Re: RFC2368 security patch status (Re: CVE-2006-3242 and a new mutt release)
From: TAKAHASHI Tamotsu <ttakah@xxxxxxxxxxxxxxxxx>
Date: Fri, 14 Jul 2006 13:07:29 +0900
In-reply-to: <20060713163743.GA75792@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-unsubscribe: <mailto:mutt-dev-request@mutt.org?Subject="Unsubscribe Mutt Dev"?body=unsubscribe>
Mail-followup-to: mutt-dev@xxxxxxxx
References: <44B29EC2.4010805@xxxxxxxxx> <20060711232756.GQ9875@xxxxxxxxxxxxxxxxxxx> <20060711233531.GI11269@xxxxxxxxxxxxxxxxxxxxxxxxxx> <20060712000829.GU9875@xxxxxxxxxxxxxxxxxxx> <20060712141345.GB6596@xxxxxxxxxxxxxxxxxxxxxxxxxx> <20060712181501.GD14959@xxxxxxxxxxxxxxxxxxxxxxxxxx> <20060713092914.GC6596@xxxxxxxxxxxxxxxxxxxxxxxxxx> <20060713133727.GD6596@xxxxxxxxxxxxxxxxxxxxxxxxxx> <20060713163743.GA75792@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: owner-mutt-dev@xxxxxxxx
User-agent: Mutt/1.5.11-2006-07-05

* Thu Jul 13 2006 Rocco Rutte <pdmef@xxxxxxx>
> * TAKAHASHI Tamotsu [06-07-13 22:37:28 +0900] wrote:
> 
> >Note: Without OPTCONFIRMHEADERS, and when $edit_headers=no, you
> >are totally unaware how your headers are modified by mailto-URL.
> >I strongly recommend OPTCONFIRMHEADERS feature. It forces you to
> >edit (or at least review) all your headers.
> 
> IIRC I did something similar for mutt-ng and turned $edit_headers on by 
> force along with a message.

That's good, but the user may edit the message twice or more times,
and I don't think mutt have to force him to edit headers every time.
The first time is enough. So I did not set $edit_headers but did use
another (pseudo) option.

-- 
tamo

References:
- CVE-2006-3242 and a new mutt release
  - From: Jonathan Smith
- Re: CVE-2006-3242 and a new mutt release
  - From: Vincent Lefevre
- Re: CVE-2006-3242 and a new mutt release
  - From: Thomas Roessler
- Re: CVE-2006-3242 and a new mutt release
  - From: Vincent Lefevre
- RFC2368 security patch status (Re: CVE-2006-3242 and a new mutt release)
  - From: TAKAHASHI Tamotsu
- Re: RFC2368 security patch status (Re: CVE-2006-3242 and a new mutt release)
  - From: Thomas Roessler
- Re: RFC2368 security patch status (Re: CVE-2006-3242 and a new mutt release)
  - From: TAKAHASHI Tamotsu
- Re: RFC2368 security patch status (Re: CVE-2006-3242 and a new mutt release)
  - From: TAKAHASHI Tamotsu
- Re: RFC2368 security patch status (Re: CVE-2006-3242 and a new mutt release)
  - From: Rocco Rutte

Prev by Date: [2006-07-14] CVS repository changes
Next by Date: Re: mutt/2333: wish: display multiple ?variables at once
Previous by thread: Re: RFC2368 security patch status (Re: CVE-2006-3242 and a new mutt release)
Next by thread: [2006-07-11] CVS repository changes
Index(es):
- Date
- Thread