diff options
author | Alvar Penning <post@0x21.biz> | 2020-08-19 14:29:23 +0200 |
---|---|---|
committer | Alvar Penning <post@0x21.biz> | 2020-09-10 10:12:23 +0200 |
commit | 62eed9ab29ab21b9e89a5519f85b6216e646d32c (patch) | |
tree | f74ebe2ecb90f0999cdaba632246738810fbf8f8 /home-manager/tests/modules/programs/waybar/settings-complex-expected.json | |
parent | 303e0bca3b6a35a6d7843f0e68d20af40a34e890 (diff) |
claws-mail: patch mailto handling
The "Mailto: Me Your Secrets"[0] paper describes vulnerabilities in
multiple email clients regarding the undocumented "attach" field of a
mailto URI. This might allow the inclusion of sensitive data in an
outgoing email.
Pull request #95758 addresses this issue on a more general level.
Claws Mail unfortunately also has problems with mailto URIs[1][2].
Referring to the paper, problems for "attach" and "insert" were found
and fixed. These patches, which are not included in a release yet, are
hereby added.
[0]:https://www.nds.ruhr-uni-bochum.de/media/nds/veroeffentlichungen/2020/08/15/mailto-paper.pdf
[1]:https://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=4373
[2]:https://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=4374
Diffstat (limited to 'home-manager/tests/modules/programs/waybar/settings-complex-expected.json')
0 files changed, 0 insertions, 0 deletions