[Evolution-hackers] Security vulnerability in APOP authentication

2007-03-29 Thread Gaƫtan LEURENT
Hello, I found a security vulnerability in the APOP authentication. It is related to recent collision attacks by Wang and al. against MD5. The basic idea is to craft a pair of message-ids that will collide in the APOP hash if the password begins in a specified way. So the attacker would

[Evolution-hackers] 2.10.0 GPG-signing badness (was Re: ANNOUNCE: Evolution 2.10.0...)

2007-03-29 Thread Saikat Guha
On Tue, 2007-03-13 at 13:08 +0530, Harish Krishnaswamy wrote: The Evolution Team is pleased to announce the release of * Evolution 2.10.0 Attempting to send GPG-signed mails freezes evolution. Mail is not sent. Evo needs to be killed. BZ: #418255

Re: [Evolution-hackers] Evolution Maintainership

2007-03-29 Thread Hans Petter Jansson
On Thu, 2007-03-29 at 15:15 +0530, Harish Krishnaswamy wrote: This mail is to announce that Srinivasa Ragavan (srag) is joining me to assume the responsibilites as maintainer of the Evolution project. [...] Congratulations, Srini! And a big thank you to Harish and the Evolution team for

[Evolution-hackers] Bug in main_system_beep?

2007-03-29 Thread Karl Relton
Srini Welcome to your new role. I posted this on evolution-patches a couple of weeks back, but don't think anyone has got round to it yet ... Whilst looking at the code for other things, I think I have spotted a bug in main_system_beep() in mail-session.c. Comparing the beep function with

[Evolution-hackers] Proposed fix for bug 311512

2007-03-29 Thread Karl Relton
Srini Welcome to your new role (again!). Last week I posted two patches (one for eds, one for evo) on evo bugzill that I believe fix bug 311512. Could you take a look - any comments are welcome! Regards Karl ___ Evolution-hackers mailing list