Security fixes in renattach 1.2.1e
Please see this notice, as sent out on the renattach mailing list:
renattach RPM package
I've built a RPM package for renattach , which is already available on the Redhat contrib tree:
1.2.0rc2 corrects all known issues to date
I would like to announce 1.2.0rc2. All known bugs have been fixed. No new features are planned for 1.2.0. Thanks to all who submitted live worms/viruses; filter operation has been verified against all available live viruses (over 400 in my corpus).
Version 1.2.0 is a complete rewrite, incorporating many of the suggestions I have received over the years that were not possible to implement in version 1.1.x. Most notably, renattach now parses and interprets all MIME attachments (with any filename encoding) and then rewrites the headers fresh to guarantee a specific format. This means that it provides substantially more protection than a filter that just searches for filenames.
Re: Renattach - encoded filenames
> I am german-speaking, and we use
> 'Umlauts' as normal part of our
> language, which means that the letters
> ä ö ü, . . .
> So if my users attach a file called
> 'Fassadenänderung.dwg', it annoys
> them if it arrives as 'filename'. What
> can be done about this, keeping in mind
> there are a lot of languages each with
> non-ASCII letters in them?
In the current version, after running "./configure" edit the resulting "defs.h" and comment out the line that says #define CATCH_CODED
The next version will recognize ISO-8859 encoded filenames; this will cover all Western European languages so you shouldn't see this stock renaming behaviour unless it's another, unrecognized character set.
Renattach - encoded filenames
I am german-speaking, and we use 'Umlauts' as normal part of our language, which means that the letters ä ö ü, and in french speaking parts of switzerland also éàè can be part of a normal filename. So if my users attach a file called 'Fassadenänderung.dwg', it annoys them if it arrives as 'filename'. What can be done about this, keeping in mind there are a lot of languages each with non-ASCII letters in them?
Software is undergoing re-design
I am re-designing the software, and hope to fix several problems with attachments going through unrecognized. I am collecting infectious emails (plaintext) for research, please send such samples compressed to firstname.lastname@example.org (mailto:email@example.com)
It works for me!
OK, I contributed about 3 lines of code to the project so I'm biased, but it does what I need - its just blocked the W32/SircamA worm on my network.
I believe I have fixed all the problems that Mr. Skoll had identified earlier (fixed in version 1.00).
An open, cross-platform journaling program.
A scientific plotting package.