changeset | fe0e6550585c |
---|---|
branch | HEAD |
bookmark | |
tag | tip |
user | Timo Sirainen <tss@iki.fi> |
description | *-login: SSL connections didn't get closed when the client got destroyed. |
files | src/imap-login/client.c src/login-common/ssl-proxy-openssl.c src/login-common/ssl-proxy.c src/login-common/ssl-proxy.h src/pop3-login/client.c |
changeset | 0ce9c27b109b |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | message parser: Fixed infinite loop when parsing a specific message. |
files | src/lib-mail/message-parser.c |
changeset | 0cae9ccf09b9 |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | lib-mail: rfc822_parse_quoted_string() didn't remove '\' from the strings. |
files | src/lib-mail/rfc822-parser.c |
changeset | 22b99f10260a |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | SSL: Enable SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS flag for extra security. This is to counter the "BEAST SSL" attack, although I don't think it's practical to implement against IMAP/POP3/LMTP protocols. There's really no way for attackers to inject any evil data before authentication, so the password is safe. Post-authentication attacker could cause clients to download evil emails, but even then clients don't typically redownload some specific mail, so there's really no way to extract anything useful. |
files | src/login-common/ssl-proxy-openssl.c |
changeset | eadc6ecd92a8 |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | lib-storage: Message size lookups from cache was broken if fields weren't in "normal" order in file. |
files | src/lib-storage/index/index-mail.c |
changeset | eb03f8c375fa |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | imap: FETCH BODY[HEADER.FIELDS (..)] may have tried to fetch garbage field names. Such situations were quite likely to cause a crash though. |
files | src/imap/imap-fetch-body.c |
changeset | d9f9ca8c7fe2 |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | autogen.sh updated to use wiki1-export.tar.gz |
files | autogen.sh |
changeset | 3698dfe0f21c |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | message header parser: Fixed handling NUL characters in header names. line->name_len was too large and line->middle pointer may have pointed past allocated memory. These may have caused crashes/corruption (fts, mbox at least). |
files | src/lib-mail/message-header-parser.c |
changeset | 9b17de31aac3 |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | lib-charset: Skip over only invalid characters, not entire buffers around them. |
files | src/lib-charset/charset-iconv.c |
changeset | 27a0fd89e181 |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | Removed "die after 3 EINTR write() failures to log". This can happen with a busy master process that is receiving a lot of SIGCHLD signals rapidly while trying to log. |
files | src/lib/failures.c |