aboutsummaryrefslogtreecommitdiffstats
path: root/mail/ChangeLog
diff options
context:
space:
mode:
authorJeffrey Stedfast <fejj@src.gnome.org>2003-03-14 04:09:27 +0800
committerJeffrey Stedfast <fejj@src.gnome.org>2003-03-14 04:09:27 +0800
commit69c9fbff698b3516ffc216fd8552736b9f040168 (patch)
treeeaa37c40d28de1d46f6f83b3efe795404bdb9e91 /mail/ChangeLog
parent96e150d7a131ea10c579522ef9c3b23b4881da0d (diff)
downloadgsoc2013-evolution-69c9fbff698b3516ffc216fd8552736b9f040168.tar
gsoc2013-evolution-69c9fbff698b3516ffc216fd8552736b9f040168.tar.gz
gsoc2013-evolution-69c9fbff698b3516ffc216fd8552736b9f040168.tar.bz2
gsoc2013-evolution-69c9fbff698b3516ffc216fd8552736b9f040168.tar.lz
gsoc2013-evolution-69c9fbff698b3516ffc216fd8552736b9f040168.tar.xz
gsoc2013-evolution-69c9fbff698b3516ffc216fd8552736b9f040168.tar.zst
gsoc2013-evolution-69c9fbff698b3516ffc216fd8552736b9f040168.zip
reverted mail-display.c and mail-format.c fixes - pondering better fixes
svn path=/trunk/; revision=20279
Diffstat (limited to 'mail/ChangeLog')
-rw-r--r--mail/ChangeLog17
1 files changed, 0 insertions, 17 deletions
diff --git a/mail/ChangeLog b/mail/ChangeLog
index a8be5524cc..ec8c9e200c 100644
--- a/mail/ChangeLog
+++ b/mail/ChangeLog
@@ -1,22 +1,5 @@
2003-03-12 Jeffrey Stedfast <fejj@ximian.com>
- Security vulnerability fixes.
-
- * mail-display.c (do_external_viewer): Make sure that we don't
- launch a bonobo control to view a mime-type that we handle
- internally, otherwise maliciously formed HTML mail using <object>
- tags could potentially launch a bonobo vontrol to view the mime
- part bypassing any checks that Evolution might do on the data
- normally.
-
- * mail-format.c (handle_text_html, attachment_header)
- (handle_image, handle_via_bonobo): Encode the result from
- get_cid() so that malicious Content-Id strings cannot bypass the
- user's preference to not load http images, force a bonobo control
- to load passing it arbitrary data, etc.
-
-2003-03-12 Jeffrey Stedfast <fejj@ximian.com>
-
* mail-signature-editor.c (menu_file_save_cb): Rewritten to do the
same as the composer's build_message() code.