[Bug 8337] SpamAssassin creates malformed X-Ham-Report header (Content preview) with unescaped Unicode BOM

bugzilla-daemon Tue, 15 Jul 2025 02:37:43 -0700

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8337


lurkertech <spamassas...@lurkertech.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |spamassas...@lurkertech.com

--- Comment #1 from lurkertech <spamassas...@lurkertech.com> ---
Seems plausible that this might also be a security issue, if there is some way
of exploiting vulnerabilities in mail handlers by being able to insert
arbitrary Unicode characters in an SMTP header (not sure if there is, but seems
likely given how many other Unicode-related hacks there are).

Should this be marked security component?

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 8337] SpamAssassin creates malformed X-Ham-Report header (Content preview) with unescaped Unicode BOM

Reply via email to