emailed command in subject header is ignored
Bug #685261 reported by
Mark Sapiro
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
GNU Mailman | Status tracked in 3.0 | |||||
2.1 |
Fix Committed
|
Undecided
|
Mark Sapiro | |||
2.2 |
Fix Committed
|
Undecided
|
Mark Sapiro | |||
3.0 |
Fix Released
|
Low
|
Barry Warsaw |
Bug Description
For example, a held message notification to the list owner/moderator contains an attached message/rfc822 part with subject "confirm <token>" and this message can be replied to with or without an "Approved: <password>" header/first body line to accept or discard the held message.
The code allows for an MUA possibly inserting 'Re:' or some l10n equivalent in the subject making it "Re: confirm <token>", but if the l10n equivalent contains a non-ascii character, the entire command is ignored and the message continues to be held.
Changed in mailman: | |
assignee: | nobody → Mark Sapiro (msapiro) |
importance: | Undecided → Low |
milestone: | none → 2.1.15 |
status: | New → Fix Committed |
Changed in mailman: | |
status: | Fix Committed → Fix Released |
status: | Fix Released → Fix Committed |
To post a comment you must log in.
Note that the committed fix assumes that the l10n of the 'Re:' prefix is properly RFC 2047 encoded. If the raw Subject: header contains non-ascii, the command in the subject will still be ignored.