anomy-list

• Previous message: Bjarni R. Einarsson: "Re: Sending From and Recpient to scanner"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

Finally, finally...

First of all: I didn't have time to go through my entire incoming patch
collection, so stuff some of you have contributed isn't in this
release, although I promised that it would be. Sorry about that!

Also, since this release contains quite a few relatively important bug
fixes - including one bug which could cause attachment corruption - I
decided to rush it out without updating all the documentation. Again,
sorry.

Hopefully I'll make a 1.45 release soon to address these issues.

Highlights in this release:

  - Mangling of cid: URLs. This is necessary, since a CID which looks
        like a file name will be treated like a filename by all unpatched
        Explorer-based HTML renderers (recent Eudoras and Outlooks, to name
        the biggies). So people could send you an executable named
        blah.jpg, with the content-ID blah.exe - and Explorer would happily
        execute it without even asking for permission. Big hole.

        The downside is, my CID: defanging is way too aggressive - it
        causes way too many false positives, and unfortunately has the
        drawback of making attachments appear to "vanish" in certain
        mailers which don't provide an icon for the file, but count on the
        HTML to display it instead (which it doesn't do because I mangle
        the CID: url).

        This is pretty high on my list of Things I Need To Fix For Work, so
        hopefully it'll be addressed within the next few releases.

  - Fixed a very stupid bug in the scanner plugin code.

  - Fixed a bad bad bug in the Base64 code, which would corrupt some
        files if people were using "feat_log_inline = 2".

  - Fixed a bug in the boundary ambiguity-handling code.

  - Added a bunch of little features for us hacker types, see the
        CHANGELOG file for detauls.

Enjoy!

Also: My employer's virus scanner F-Prot is now available for free
(as a beta release) for the Linux platform. It should work great
with the Sanitizer. See http://www.frisk.is/ for info. We could
use your feedback. :-)

-- 
Bjarni R. Einarsson                           PGP: 02764305, B7A3AB89
 23829@xyz.molar.is                -><-              http://bre.klaki.net/
Check out my open-source email sanitizer: http://mailtools.anomy.net/

• Next message: Javier A. Del Pino Coronel: "sanitizer with Solaris 8"
• Previous message: Bjarni R. Einarsson: "Re: Sending From and Recpient to scanner"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]