Re: Serious information leak in Ximian Evolution

To: debian-gtk-gnome@lists.debian.org
Subject: Re: Serious information leak in Ximian Evolution
From: Csillag Kristóf <fenwick@freemail.hu>
Date: 23 Jan 2003 03:03:09 +0100
Message-id: <1043287389.22511.6.camel@hactar2.prater.csk>

The discussion about this bug can be found in the Debian BTS.
The page of this bug is http://bugs.debian.org/177282

A short summary:

- If Evolution uses SMTP, everything's OK.
- If Evolution uses Exim's local sendmail, it probably
   forgets to add the -t flag, so Exim just sends
   the mail, without tampering with the headers.
- I have no idea what other MTA's do, but Exim's behavior
   seems to be correct in the light of the relevant RFCs
- Evolution 1.0.5 (both in Woody and Sarge) is using
   sendmail the Right Way, this bug is only appearing in the
   1.2.1 version. (Which is supposed to be stable, according
   to Ximian.)

See the details in the BTS.

Best wishes

-- 
Csillag Kristóf <fenwick@freemail.hu>

Reply to:

Prev by Date: Re: Galeon crash
Next by Date: Re: How to fix a crashing Nautilus
Previous by thread: Re: Serious information leak in Ximian Evolution
Next by thread: Rebuilding GNOME 2 libs against libcrypto/libssl0.9.7?
Index(es):
- Date
- Thread