diff options
author | Jeffrey Stedfast <fejj@src.gnome.org> | 2003-03-14 04:09:27 +0800 |
---|---|---|
committer | Jeffrey Stedfast <fejj@src.gnome.org> | 2003-03-14 04:09:27 +0800 |
commit | 69c9fbff698b3516ffc216fd8552736b9f040168 (patch) | |
tree | eaa37c40d28de1d46f6f83b3efe795404bdb9e91 /mail/ChangeLog | |
parent | 96e150d7a131ea10c579522ef9c3b23b4881da0d (diff) | |
download | gsoc2013-evolution-69c9fbff698b3516ffc216fd8552736b9f040168.tar gsoc2013-evolution-69c9fbff698b3516ffc216fd8552736b9f040168.tar.gz gsoc2013-evolution-69c9fbff698b3516ffc216fd8552736b9f040168.tar.bz2 gsoc2013-evolution-69c9fbff698b3516ffc216fd8552736b9f040168.tar.lz gsoc2013-evolution-69c9fbff698b3516ffc216fd8552736b9f040168.tar.xz gsoc2013-evolution-69c9fbff698b3516ffc216fd8552736b9f040168.tar.zst gsoc2013-evolution-69c9fbff698b3516ffc216fd8552736b9f040168.zip |
reverted mail-display.c and mail-format.c fixes - pondering better fixes
svn path=/trunk/; revision=20279
Diffstat (limited to 'mail/ChangeLog')
-rw-r--r-- | mail/ChangeLog | 17 |
1 files changed, 0 insertions, 17 deletions
diff --git a/mail/ChangeLog b/mail/ChangeLog index a8be5524cc..ec8c9e200c 100644 --- a/mail/ChangeLog +++ b/mail/ChangeLog @@ -1,22 +1,5 @@ 2003-03-12 Jeffrey Stedfast <fejj@ximian.com> - Security vulnerability fixes. - - * mail-display.c (do_external_viewer): Make sure that we don't - launch a bonobo control to view a mime-type that we handle - internally, otherwise maliciously formed HTML mail using <object> - tags could potentially launch a bonobo vontrol to view the mime - part bypassing any checks that Evolution might do on the data - normally. - - * mail-format.c (handle_text_html, attachment_header) - (handle_image, handle_via_bonobo): Encode the result from - get_cid() so that malicious Content-Id strings cannot bypass the - user's preference to not load http images, force a bonobo control - to load passing it arbitrary data, etc. - -2003-03-12 Jeffrey Stedfast <fejj@ximian.com> - * mail-signature-editor.c (menu_file_save_cb): Rewritten to do the same as the composer's build_message() code. |