[RCD] Update 1.0.4 released

Cor Bosman cor at xs4all.nl
Mon Dec 22 11:27:04 CET 2014


> 
> * Security: Fix possible CSRF attacks to some address book operations
> as well as to the ACL and Managesieve plugins.
> * Fix attachments encoded in TNEF containers (from Outlook)
> * Fix compatibility with PHP 5.2


Hi Thomas, was this supposed to fix the uudecode problem as well?  1.0.4 still breaks any message containing the simple string 'foobar begin 2015 foobar'.

In dutch this is a very common set of words, as it translates to 'early 2015'.   The problem is that the match for uuparts is too simple. 

I created a PR off of 1.0-release to fix this problem. https://github.com/roundcube/roundcubemail/pull/252 <https://github.com/roundcube/roundcubemail/pull/252>

In master this is handled differently, and it doesnt seem to fail, even though the matching for a uu encoded part could be improved there as well,

Regards,

Cor

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.roundcube.net/pipermail/dev/attachments/20141222/2433fe1f/attachment.html>


More information about the dev mailing list