Your message dated Wed, 04 Mar 2026 15:20:44 +0000
with message-id <[email protected]>
and subject line Bug#1129594: Removed package(s) from unstable
has caused the Debian Bug report #419972,
regarding sylpheed: ..spam spoof spoofs html redering, puts "real" Paypal at
armordolls.it
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
419972: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=419972
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: sylpheed
Version: 2.4.0~beta8-1
Severity: critical
Justification: causes serious data loss
...this html mail snip:
<P align=left><FONT face=Verdana size=2>Please visit the resolution center
located here</FONT></P>
<html><P align=left><BR><A target="_blank"
href="http://www.armordolls.it/pay.html"; ><FONT face=Verdana
size=2>https://www.paypal.com/cgi-bin/webscr?cmd=_login-run=res-center</FONT></html></A></P>
<P align=left><BR><FONT face=Verdana size=2><BR> to verify your identity and
avoid the blocking of your account</FONT></P>
<P align=left><FONT face=Verdana color=#838383 size=2>Sincerely,<BR>PayPal
Account Review Department<BR>PayPal,an eBay Company</FONT><BR></P>
<P> </P></xbody>
...will show "https://www.paypal.com/cgi-bin/webscr?cmd=_login-run=res-center";,
both in the message body,
and on the status line on mouse-over, and take the user to the rather credible
armordoll.it site where
he can surrender his paypal data 'n monetas. Ctrl-U will show the spoofed html
source correctly.
...best remedy is remove the html rendering. Toggling it on|off will also work.
...this bug is also present on the 2.3.etc version of Sylpheed.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i586)
Kernel: Linux 2.6.18-4-486
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages sylpheed depends on:
ii libaspell15 0.60.5-1 GNU Aspell spell-checker runtime l
ii libatk1.0-0 1.18.0-2 The ATK accessibility toolkit
ii libbluetooth2 3.9-1 Library to use the BlueZ Linux Blu
ii libc6 2.5-2 GNU C Library: Shared libraries
ii libcairo2 1.4.4-1 The Cairo 2D vector graphics libra
ii libcompfaceg1 1:1.5.2-4 Compress/decompress images for mai
ii libfontconfig1 2.4.2-1.2 generic font configuration library
ii libfreetype6 2.2.1-5 FreeType 2 font engine, shared lib
ii libglib2.0-0 2.12.11-3 The GLib library of C routines
ii libgpg-error0 1.4-2 library for common error values an
ii libgpgme11 1.1.2-5 GPGME - GnuPG Made Easy
ii libgtk2.0-0 2.10.11-2 The GTK+ graphical user interface
ii libgtkspell0 2.0.10-3+b1 a spell-checking addon for GTK's T
ii libldap2 2.1.30-13.4 OpenLDAP libraries
ii libpango1.0-0 1.16.2-1 Layout and rendering of internatio
ii libpisock9 0.12.2-9 library for communicating with a P
ii libpng12-0 1.2.15~beta5-1 PNG library - runtime
ii libssl0.9.8 0.9.8e-4 SSL shared libraries
ii libusb-0.1-4 2:0.1.12-7 userspace USB programming library
ii libx11-6 2:1.0.3-7 X11 client-side library
ii libxcursor1 1:1.1.8-2 X cursor management library
ii libxext6 1:1.0.3-2 X11 miscellaneous extension librar
ii libxfixes3 1:4.0.3-2 X11 miscellaneous 'fixes' extensio
ii libxi6 1:1.0.1-4 X11 Input extension library
ii libxinerama1 1:1.0.2-1 X11 Xinerama extension library
ii libxrandr2 2:1.1.0.2-5 X11 RandR extension library
ii libxrender1 1:0.9.2-1 X Rendering Extension client libra
ii zlib1g 1:1.2.3-13 compression library - runtime
Versions of packages sylpheed recommends:
ii aspell-en [aspell-dictiona 6.0-0-5.1 English dictionary for GNU Aspell
ii metamail 2.7-53 implementation of MIME
ii sylpheed-claws-scripts 1.0.5-5.1 Helper scripts for Sylpheed and Sy
ii sylpheed-i18n 2.4.0~beta8-1 Locale data for Sylpheed (i18n sup
ii xfonts-100dpi 1:1.0.0-3 100 dpi fonts for X
ii xfonts-100dpi-transcoded 1:1.0.0-3 100 dpi fonts for X (transcoded fr
ii xfonts-75dpi 1:1.0.0-3 75 dpi fonts for X
ii xfonts-75dpi-transcoded 1:1.0.0-3 75 dpi fonts for X (transcoded fro
-- no debconf information
--- End Message ---
--- Begin Message ---
Version: 3.8.0~beta1-3+rm
Dear submitter,
as the package sylpheed has just been removed from the Debian archive
unstable we hereby close the associated bug reports. We are sorry
that we couldn't deal with your issue properly.
For details on the removal, please see https://bugs.debian.org/1129594
The version of this package that was in Debian prior to this removal
can still be found using https://snapshot.debian.org/.
Please note that the changes have been done on the master archive and
will not propagate to any mirrors until the next dinstall run at the
earliest.
This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
[email protected].
Debian distribution maintenance software
pp.
Thorsten Alteholz (the ftpmaster behind the curtain)
--- End Message ---
