[Esa-l] ANN: Procmail Sanitizer 1.148 is released

John D. Hardin jhardin at impsec.org
Sun Dec 19 16:52:04 PST 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


The procmail sanitizer has been updated. The current version is 1.148
It is available via:

WORLD:  http://www.impsec.org.nyud.net:8090/email-tools/procmail-security.html
US/WA:  http://www.impsec.org/email-tools/procmail-security.html
US/WA:  http://eucleides.com/sanitizer/procmail-security.html
EU/NL:  http://kanon.net/~jhardin/email-tools/procmail-security.html
#EU/NO:  http://oftedal.no/~jhardin/email-tools/procmail-security.html
#AU:     http://grebopple.accessunited.com.au/email-tools/procmail-security.html
AU:     http://impsec.fuzzitech.net/email-tools/procmail-security.html

Direct links to the current tarball:

WORLD:  http://www.impsec.org.nyud.net:8090/email-tools/procmail-sanitizer.tar.gz
US/WA:  http://www.impsec.org/email-tools/procmail-sanitizer.tar.gz
US/WA:  http://eucleides.com/sanitizer/procmail-sanitizer.tar.gz
EU/NL:  http://kanon.net/~jhardin/email-tools/procmail-sanitizer.tar.gz
#EU/NO:  http://oftedal.no/~jhardin/email-tools/procmail-sanitizer.tar.gz
#AU:     http://grebopple.accessunited.com.au/email-tools/procmail-sanitizer.tar.gz
AU:     http://impsec.fuzzitech.net/email-tools/procmail-sanitizer.tar.gz

("commented out" mirrors are temporarily out-of-sync or unavailable)

da03133778995590e5940bc316d11335  html-trap.procmail
1d8cc35cb0028eaad4d0697e328e07f1  html-trap.procmail.nomacroscan
04d18e8eea97ca5eba1db3b3ec4c80b3  procmail-sanitizer.tar.gz

- From the changelog:

12/19/2004 (1.148)
Fix bug related to scanning multiple levels of MIME attachments.
Fix an infinite-loop bug on MIME boundary end detection.
Clean up temporary files on BASE64-decode failure.
Fix multiple-? manipulation in filespecs.
Scan multiple image extensions for JPEG BO attack - filename may be inaccurate.


The sanitizer home page is at
http://www.impsec.org/email-tools/procmail-security.html

The archive of the sanitizer discussion list is at
http://www.spconnect.com/mailman/listinfo/esd-l



-----BEGIN PGP SIGNATURE-----
Version: PGP 5.0
Charset: noconv

iQA/AwUBQcXQUdgi5ua4cy55EQKNIwCgrKg8qGfrcQTgvh4cAV+WaaSE/4gAn3LH
8BS6LKHP9KYSLc9jsg6VovnY
=dPLJ
-----END PGP SIGNATURE-----

--
 John Hardin KA7OHZ    ICQ#15735746    http://www.impsec.org/~jhardin/
 jhardin at impsec.org    FALaholic #11174    pgpk -a jhardin at impsec.org
 key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
What nuts do with guns is terrible, certainly. But what evil or crazy
people do with *anything* is not a valid argument for banning that item.
                                  -- John C. Randolph <jcr at idiom.com>
-----------------------------------------------------------------------


More information about the esa-l mailing list