ANN: Version 1.149 of the Procmail Sanitizer has been released

John Hardin jhardin at impsec.org
Sat Dec 31 17:44:03 PST 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


The procmail sanitizer has been updated. The current version is 1.149
It is available via:

WORLD:  http://www.impsec.org.nyud.net:8090/email-tools/procmail-security.html
US/WA:  http://www.impsec.org/email-tools/procmail-security.html
US/CA:  http://www.kanon.net/mirror/impsec/email-tools/procmail-security.html

Direct links to the current tarball:

WORLD:  http://www.impsec.org.nyud.net:8090/email-tools/procmail-sanitizer.tar.gz
US/WA:  http://www.impsec.org/email-tools/procmail-sanitizer.tar.gz
US/CA:  http://www.kanon.net/mirror/impsec/email-tools/procmail-sanitizer.tar.gz

rsync client access for maintaining your own mirror is also available via:

    rsync --archive rsync://rsync.impsec.org/email-tools .

Please do not sync more than once a day.


db978ba4748650b9eb1eadc5f16eb6c0  html-trap.procmail
3e17ef9235a8b40e6c59272ed81d87cc  html-trap.procmail.nomacroscan
b712615e4eb25f9c63a7a47c743e59a8  procmail-sanitizer.tar.gz


- From the changelog:
12/31/2005 (1.149)
Scan RAR files the same as ZIP files; added $DISABLE_RAR_SCAN, $RARRED_WARNING and $RAR_MAGIC_WARNING.
Added WMF to the default $MANGLE_EXTENSIONS list, per the serious bug in Windows' WMF library.
Added $SECURITY_POISON_WMF, $WMF_WARNING and magic detection of WMF image files; requires /usr/bin/od.
Added MIME Content-* headers to the excessive length test list.
Added some new ZIP file magic values (Windows native zip client?).


The sanitizer home page is at
http://www.impsec.org/email-tools/procmail-security.html

The archive of the sanitizer discussion list is at
http://www.impsec.org/mailman/listinfo/esd-l


-----BEGIN PGP SIGNATURE-----
Version: PGP 5.0
Charset: noconv

iQA/AwUBQ7cegtgi5ua4cy55EQIUIgCgoZhmLMhV9qHdduAkg3Sdbd6Jf3EAnjHd
bNMx9xNvgywlCS1FZO5lhBTz
=s6iF
-----END PGP SIGNATURE-----

--
 John Hardin KA7OHZ    ICQ#15735746    http://www.impsec.org/~jhardin/
 jhardin at impsec.org    FALaholic #11174    pgpk -a jhardin at impsec.org
 key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  The first time I saw a bagpipe, I thought the player was torturing
  an octopus. I was amazed they could scream so loudly.
                                        -- cat_herder_5263 on Y! SCOX
-----------------------------------------------------------------------

More information about the esa-l mailing list