[bug #26577] Changed semantic for unpack breaks UTF-8

[Earl Hood]

Update of bug #26577 (project mhonarc):

  Status:None = In Progress


___

Reply to this item at:

  http://savannah.nongnu.org/bugs/?26577

___
  Message sent via/by Savannah
  http://savannah.nongnu.org/

-
To sign-off this list, send email to majord...@mhonarc.org with the
message text UNSUBSCRIBE MHONARC-DEV

[bug #32014] CVE-2010-1677: DoS when processing html messages with deep tag nesting

[Earl Hood]

URL:
  http://savannah.nongnu.org/bugs/?32014

 Summary: CVE-2010-1677: DoS when processing html messages
with deep tag nesting
 Project: MHonArc
Submitted by: ehood
Submitted on: Thu 30 Dec 2010 02:45:51 PM CST
Category: MIME Filter
Severity: 6 - Security
  Item Group: Undesired Behavior
  Status: In Progress
 Privacy: Private
 Assigned to: ehood
 Open/Closed: Open
 Discussion Lock: Any
Operating System: All
Perl Version: All
   Component Version: 2.6.16
   Fixed Release: 

___

Details:

If a malformed HTML message contains something like the following:

  bobobobobodydydydydy

But to a much larger extent, will cause mhonarc to consume
a alot of CPU resources to strip out the data.




___

Reply to this item at:

  http://savannah.nongnu.org/bugs/?32014

___
  Message sent via/by Savannah
  http://savannah.nongnu.org/

-
To sign-off this list, send email to majord...@mhonarc.org with the
message text UNSUBSCRIBE MHONARC-DEV