<<< Date Index >>>     <<< Thread Index >>>

Re: Security vulnerability in APOP authentication



Rocco Rutte <pdmef@xxxxxxx> writes:

> I was looking at some mutt code for this issue and other issues that
> report broken threading upon invalid message-ids. It seems that mutt
> happily accepts the following syntax: '<.*>' which is just plain
> wrong.

If that was supposed to be a basic regexp rather than a literal example,
same story for fetchmail up to and including 6.3.8-rc1, and fixed in
-rc2.

-- 
Matthias Andree