[Esa-l] ANN: Sanitizer update
John D. Hardin
jhardin at wolfenet.com
Sat Feb 3 10:32:05 PST 2001
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The procmail sanitizer has been updated. The current version is 1.127
It is available via:
US: http://www.impsec.org/email-tools/procmail-security.html
US: ftp://ftp.rubyriver.com/pub/jhardin/antispam/procmail-security.html
EU: ftp://kanon.net/pub/jhardin/antispam/procmail-security.html
- From the changelog:
02/03/2001 (1.127)
Added the <LAYER> tag to HTML defanging; this is
primarily of interest to people running webmail programs.
The sanitizer now recurses into multipart attachments in addition to
RFC822 attachments; the only hole left now is defanging BASE64-encoded
HTML attachments.
If a file attachment does not have a filename specified, a default
filename will be provided; this should prevent some social-engineering
attacks on Outlook users.
Modified the Office Macro scanner a bit; some code used in
default-template infector macros was being ignored, and some false
positives were being generated.
The sanitizer home page is at
http://www.impsec.org/email-tools/procmail-security.html
-----BEGIN PGP SIGNATURE-----
Version: PGP 5.0
Charset: noconv
iQA/AwUBOnxAYNgi5ua4cy55EQLJjQCg2kJF7J1TcWRM37PQvTvnLGNPPhYAnjl5
H9/bNfLFarFCFy6ZWzsXygU4
=b6cA
-----END PGP SIGNATURE-----
--
John Hardin KA7OHZ ICQ#15735746 http://www.wolfenet.com/~jhardin/
jhardin at wolfenet.com pgpk -a finger://gonzo.wolfenet.com/jhardin
768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
The question of whether people should be allowed to harm themselves
is simple. They *must*.
-- Charles Murray
-----------------------------------------------------------------------
7 days until she returns
More information about the esd-l
mailing list