Hello,
this is an update on the situation of quoted %-escapes in mailcap rules:
Of the 86 packages that are affected in buster:
- 39 have been fixed by the maintainers independently (presumably thanks to the
lintian tag):
audacity cgoban clustalx debian-edu-config djview4 drumkv1 feh geeqie
On Sat, 14 Nov 2020 08:47:53 +0900, Charles Plessy wrote:
> Rejoice ! I just split the package into two:
I didn't know you were considering this back in 2019, I just saw the message on
debian-devel, and I'm glad you decided to split.
> So you should be able to remove mailcap easily.
In the
> It very possibly might. Would you be interested in opening one? The
> information you have given here might be enough.
Can do, but I'll wait for Charles' comments.
> Again, it would be nice to report that.
Agreed, but I'm unfamiliar with Thunderbird and I don't use it, so I think I'll
pass.
I
Hi all,
On Fri, Nov 13, 2020 at 02:02:22AM +0100, Marriott NZ wrote:
>
> In summary, mailcap is harmful.
> And I won't feel safe until I can get rid of it.
Rejoice ! I just split the package into two:
- media-types provides /etc/mime-types, which is what most packages
depend on
Hi,
On Fri, Nov 13, 2020 at 02:02:22AM +0100, Marriott NZ wrote:
Thanks for your interest in the issue, Frank.
Thanks for your interest, too.
If run-mailcap is used by some mail program or script for mailcap
support, then it's a vector for arbitrary command execution. Perhaps
this deserves
Thanks for your interest in the issue, Frank.
I've looked into the run-mailcap(1) script (the reference parser, included in
this package), and I found it also vulnerable to shell command injection.
(Test with --norun, at your own risk.)
-- rule
text/*; /usr/bin/w3m -T %t %s
-- exploit
$
About the MAILCAP/MAILCAPS issue: mutt uses MAILCAPS too (I did check the
manual before, but not the man page).
Now I tend to think that this is just another gnu mailutils bug and the common
practice is to follow the RFC (MAILCAPS), sorry for the noise.
I've looked into some other programs for how they handle mailcap rules.
The RFC deliberately doesn't discuss security, and not all projects seem to be
aware of the problem.
If mailcap is supposed to be standard and interoperable (and not a security
nightmare), we need a central place for such
Package: mime-support
Version: 3.60
Severity: normal
Dear Maintainer,
Please clarify how %-escapes in mailcap rules should be handled, because
RFC-1524 is unclear about it, and this is leading to differences in
implementations and security problems.
For example in gnu mailutils, you can do