On Mon, Dec 22, 2014 at 11:27 AM, Cor Bosman <[email protected]> wrote: > > * Security: Fix possible CSRF attacks to some address book operations > as well as to the ACL and Managesieve plugins. > * Fix attachments encoded in TNEF containers (from Outlook) > * Fix compatibility with PHP 5.2 > > > > Hi Thomas, was this supposed to fix the uudecode problem as well?
No it wasn't. We didn't have a ticket nor time to investigate your post which just came in the day before the release. > 1.0.4 still breaks any message containing the simple string 'foobar begin 2015 > foobar'. > > In dutch this is a very common set of words, as it translates to 'early > 2015'. The problem is that the match for uuparts is too simple. > > I created a PR off of 1.0-release to fix this problem. > https://github.com/roundcube/roundcubemail/pull/252 Thanks for this! We'll review it as soon as possible. > In master this is handled differently, and it doesnt seem to fail, even > though the matching for a uu encoded part could be improved there as well, Maybe Alec can explain why commit https://github.com/roundcube/roundcubemail/commit/48ba4414 also refactors the uuencode part in git master without being mentioned in the commit message. ~Thomas _______________________________________________ Roundcube Development discussion mailing list [email protected] http://lists.roundcube.net/mailman/listinfo/dev
