alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity
nixpkgs/pkgs/applications
History
Alvar Penning 62eed9ab29 claws-mail: patch mailto handling 
The "Mailto: Me Your Secrets"[0] paper describes vulnerabilities in
multiple email clients regarding the undocumented "attach" field of a
mailto URI. This might allow the inclusion of sensitive data in an
outgoing email.

Pull request #95758 addresses this issue on a more general level.

Claws Mail unfortunately also has problems with mailto URIs[1][2].
Referring to the paper, problems for "attach" and "insert" were found
and fixed. These patches, which are not included in a release yet, are
hereby added.

[0]:https://www.nds.ruhr-uni-bochum.de/media/nds/veroeffentlichungen/2020/08/15/mailto-paper.pdf
[1]:https://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=4373
[2]:https://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=4374
2020-09-10 10:12:23 +02:00
..
accessibility
audio Merge pull request #96610 from romildo/rm.deepin 2020-08-31 17:58:11 +02:00
backup
blockchains go-ethereum: Add RaghavSood to maintainers 2020-08-26 16:05:49 +08:00
display-managers
editors neovim-qt: Add homepage 2020-08-31 07:19:40 -04:00
gis qgis: 3.10.7 -> 3.10.9 2020-08-28 09:40:16 +01:00
graphics Merge pull request #96716 from r-ryantm/auto-update/shotwell 2020-08-31 17:13:29 +02:00
kde Merge pull request #95893 from NixOS/u/kapps_2008 2020-08-25 19:41:53 +08:00
logging/humioctl
misc Merge pull request #95897 from dasj19/orca-updates 2020-08-30 20:47:38 +02:00
networking claws-mail: patch mailto handling 2020-09-10 10:12:23 +02:00
office Merge pull request #96404 from matthewbauer/gcc-cross 2020-08-26 16:17:14 -05:00
qubes/qubes-core-vchan-xen maintainers: 0x4A6F -> _0x4A6F 2020-08-18 07:59:44 +10:00
radio fldigi: 4.1.13 -> 4.1.14 2020-08-31 16:54:20 +02:00
science wxmaxima: 20.04.0 -> 20.06.6 2020-08-31 17:09:33 +02:00
search
system glances: 3.1.4.1 -> 3.1.5 2020-08-19 16:20:03 +02:00
version-management gitlab: 13.0.12 -> 13.0.14 2020-08-30 11:24:25 -07:00
video Electron Player: init at 2.0.8 2020-08-26 11:35:00 +02:00
virtualization Merge pull request #96538 from Mic92/go-references 2020-08-30 16:44:08 +02:00
window-managers Merge pull request #85174 from bhougland18/windowchef 2020-08-28 15:17:06 +02:00