Re: [Evolution-hackers] Evolution Maintainership
On Thu, 2007-03-29 at 15:15 +0530, Harish Krishnaswamy wrote: > Hi friends, > > This mail is to announce that Srinivasa Ragavan (srag) is joining me > to assume the responsibilites as maintainer of the Evolution project. > > Most of you already know Srini (as he is fondly referred to by the Evo > folks) - having interacted with him on IRC, mail or in person during > GUADEC 2006. He is one of our best and most energetic hackers. A few > of his notable contributions include the Evolution Attachment Bar, the > Vertical View for mails, integrating Evolution with the GNOME keyring > and the GNOME VFS backend etc. He has also been prolific in building > the student community in India as part of the Novell Open Source > Internship Program and has mentored students on the Global search, > Cairo integration, migration to gtk-print etc. > He is also looking after the addressbook module in Evolution and > GtkHTML and has been handling the release management partly during the > last development series. > Thanks Harish for this opportunity. I will do my very best to make Evolution a better enterprise quality groupware client. > Srini is already busy seeding the Planning page for Evolution Two > Twelve. Please join the discussions at > http://www.go-evolution.org/Evo2.12. I welcome your suggestions. Please feel free to add your thoughts to the page. Cheers, Srini. ___ Evolution-hackers mailing list Evolution-hackers@gnome.org http://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Proposed fix for bug 311512
On Fri, 2007-03-30 at 07:51 +0100, Karl Relton wrote:
> Srini
>
> Welcome to your new role (again!).
>
> Last week I posted two patches (one for eds, one for evo) on evo bugzill
> that I believe fix bug 311512.
> --- camel-folder.h.1102007-03-20 16:57:40.0 +
> +++ camel-folder.h2007-03-20 16:50:34.0 +
> @@ -195,6 +195,7 @@ typedef struct {
> void (*freeze)(CamelFolder *folder);
> void (*thaw) (CamelFolder *folder);
> gboolean (*is_frozen) (CamelFolder *folder);
> + int (*get_filter_thread) (CamelFolder *folder);
> } CamelFolderClass;
On first look, I noticed that your patch has introduced an ABI break in
CamelFolderClass.
I'm sure that the mailer hackers would have a more closer look at it.
Thanks for your friendly poke :-)
-Srini.
> f
> Could you take a look - any comments are welcome!
>
> Regards
> Karl
>
> ___
> Evolution-hackers mailing list
> Evolution-hackers@gnome.org
> http://mail.gnome.org/mailman/listinfo/evolution-hackers
___
Evolution-hackers mailing list
Evolution-hackers@gnome.org
http://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Bug in main_system_beep?
On Fri, 2007-03-30 at 07:48 +0100, Karl Relton wrote:
> Srini
>
> Welcome to your new role.
Thanks you.
> I posted this on evolution-patches a couple of
> weeks back, but don't think anyone has got round to it yet ...
>
>
> Whilst looking at the code for other things, I think I have spotted a
> bug in main_system_beep() in mail-session.c.
You are absolutely right. It is a bug and the patch fixes it right. Just
for tracking, file a bug and attach the patch to bugzilla (Pass us the
bug id). It has to go for STABLE and trunk branches.
-Srini.
>
> Comparing the beep function with play_sound function:
>
> session_play_sound() and main_play_sound() do a
> camel_object_ref(session) and a camel_object_unref(session) between
> them.
>
> However, session_system_beep() and main_system_beep() does the
> camel_object_ref(session) but without the corresponding unref.
>
> I assume thats wrong - the patch below fixes that by putting in the
> unref.
>
> Karl
>
> --- mail-session.c.old 2007-03-02 11:31:23.0 +
> +++ mail-session.c 2007-03-02 11:29:42.0 +
> @@ -441,6 +441,7 @@ static void
> main_system_beep (CamelFilterDriver *driver, gpointer user_data)
> {
> gdk_beep ();
> + camel_object_unref (session);
> }
>
> static void
>
>
> ___
> Evolution-hackers mailing list
> Evolution-hackers@gnome.org
> http://mail.gnome.org/mailman/listinfo/evolution-hackers
___
Evolution-hackers mailing list
Evolution-hackers@gnome.org
http://mail.gnome.org/mailman/listinfo/evolution-hackers
[Evolution-hackers] Proposed fix for bug 311512
Srini Welcome to your new role (again!). Last week I posted two patches (one for eds, one for evo) on evo bugzill that I believe fix bug 311512. Could you take a look - any comments are welcome! Regards Karl ___ Evolution-hackers mailing list Evolution-hackers@gnome.org http://mail.gnome.org/mailman/listinfo/evolution-hackers
[Evolution-hackers] Bug in main_system_beep?
Srini
Welcome to your new role. I posted this on evolution-patches a couple of
weeks back, but don't think anyone has got round to it yet ...
Whilst looking at the code for other things, I think I have spotted a
bug in main_system_beep() in mail-session.c.
Comparing the beep function with play_sound function:
session_play_sound() and main_play_sound() do a
camel_object_ref(session) and a camel_object_unref(session) between
them.
However, session_system_beep() and main_system_beep() does the
camel_object_ref(session) but without the corresponding unref.
I assume thats wrong - the patch below fixes that by putting in the
unref.
Karl
--- mail-session.c.old 2007-03-02 11:31:23.0 +
+++ mail-session.c 2007-03-02 11:29:42.0 +
@@ -441,6 +441,7 @@ static void
main_system_beep (CamelFilterDriver *driver, gpointer user_data)
{
gdk_beep ();
+ camel_object_unref (session);
}
static void
___
Evolution-hackers mailing list
Evolution-hackers@gnome.org
http://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Security vulnerability in APOP authentication
Thanks for reporting this issue. I have filed this as http://bugzilla.gnome.org/show_bug.cgi?id=424373 for better tracking. -- Sankar ___ Evolution-hackers mailing list Evolution-hackers@gnome.org http://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Evolution Maintainership
On Thu, 2007-03-29 at 15:15 +0530, Harish Krishnaswamy wrote: > This mail is to announce that Srinivasa Ragavan (srag) is joining me > to assume the responsibilites as maintainer of the Evolution project. > > [...] Congratulations, Srini! And a big thank you to Harish and the Evolution team for your hard work and dedication to the project. The truth is, with more than 7 years of development behind it, it's one of the best mailers around. -- Hans Petter Passionate Evolution user ___ Evolution-hackers mailing list Evolution-hackers@gnome.org http://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Evolution Maintainership
On 3/29/07, Harish Krishnaswamy <[EMAIL PROTECTED]> wrote: > This mail is to announce that Srinivasa Ragavan (srag) is joining me > to assume the responsibilites as maintainer of the Evolution project. Congrats Srini... Evolution has been one of my favourite mail client & I'm looking forward to the 2.12 release :) > Though I would not be hacking on Evolution full-time in the near > future, I hope to do my bit by reviewing patches, writing > documentation and keeping the web sites up-to-date on spare cycles. >I would also like to thank you all for your co-operation and for > bearing with me while I was learning the ropes and juggling through my > priorities. You have helped me to learn a lot and have loads of fun > while doing so. So does that means you'll be leaving the Evolution project? Onto something new? Regards, makuchaku http://www.makuchaku.info/blog ___ Evolution-hackers mailing list Evolution-hackers@gnome.org http://mail.gnome.org/mailman/listinfo/evolution-hackers
[Evolution-hackers] 2.10.0 GPG-signing badness (was Re: ANNOUNCE: Evolution 2.10.0...)
On Tue, 2007-03-13 at 13:08 +0530, Harish Krishnaswamy wrote: > The Evolution Team is pleased to announce the release of > > * Evolution 2.10.0 Attempting to send GPG-signed mails freezes evolution. Mail is not sent. Evo needs to be killed. BZ: #418255 http://bugzilla.gnome.org/show_bug.cgi?id=418255 Something to do with the gpg password dialog possibly (see bug report). Ow. -- Saikat ___ Evolution-hackers mailing list Evolution-hackers@gnome.org http://mail.gnome.org/mailman/listinfo/evolution-hackers
[Evolution-hackers] Security vulnerability in APOP authentication
Hello, I found a security vulnerability in the APOP authentication. It is related to recent collision attacks by Wang and al. against MD5. The basic idea is to craft a pair of message-ids that will collide in the APOP hash if the password begins in a specified way. So the attacker would impersonate a POP server, and send these msg-id; the client will return the hash, and the attacker can learn some password characters. The msg-ids will be generated from a MD5 collision: if you have two colliding messages for MD5 "<[EMAIL PROTECTED]>x" and "<[EMAIL PROTECTED]>x", and the message are of length two blocks, then you will use "<[EMAIL PROTECTED]>" and "<[EMAIL PROTECTED]>" as msg-ids. When the client computes MD5(msg-id||passwd) with these two, it will collide if the first password character if 'x', no matter what is next (since we are at a block boundary, and the end of the password will be the same in the two hashs). Therefore you can learn the password characters one by one (actually you can only recover three of them, due to the way MD5 collisions are computed). This attack is really a practical one: it needs about an hour of computation and a few hundred authentications from the client, and can recover three password characters. I tested it against Evolution, and it does work. However, using the current techniques available to attack MD5, the msg-ids sent by the server can easily be distinguished from genuine ones as they will not respect the RFC specification. In particular, they will contain non-ASCII characters. Therefore, as a security countermeasure, I think Evolution should reject msg-ids that does not conform to the RFC. The details of the attack and the new results against MD5 needed to build it will be presented in the Fast Software Encryption conference on March 28. I can send you some more details if needed. Meanwhile, feel free to alert any one that you believe is concerned. I am already sending this mail to the maintainers of Thunderbird, Evolution, fetchmail, and mutt. KMail already seems to do enough checks on the msg-id to avoid the attack. Please CC me in any reply. -- Gaëtan LEURENT ___ Evolution-hackers mailing list Evolution-hackers@gnome.org http://mail.gnome.org/mailman/listinfo/evolution-hackers
[Evolution-hackers] Evolution Maintainership
Hi friends, This mail is to announce that Srinivasa Ragavan (srag) is joining me to assume the responsibilites as maintainer of the Evolution project. Most of you already know Srini (as he is fondly referred to by the Evo folks) - having interacted with him on IRC, mail or in person during GUADEC 2006. He is one of our best and most energetic hackers. A few of his notable contributions include the Evolution Attachment Bar, the Vertical View for mails, integrating Evolution with the GNOME keyring and the GNOME VFS backend etc. He has also been prolific in building the student community in India as part of the Novell Open Source Internship Program and has mentored students on the Global search, Cairo integration, migration to gtk-print etc. He is also looking after the addressbook module in Evolution and GtkHTML and has been handling the release management partly during the last development series. Srini is already busy seeding the Planning page for Evolution Two Twelve. Please join the discussions at http://www.go-evolution.org/Evo2.12. I wish Srini the best in his new role. Though I would not be hacking on Evolution full-time in the near future, I hope to do my bit by reviewing patches, writing documentation and keeping the web sites up-to-date on spare cycles. I would also like to thank you all for your co-operation and for bearing with me while I was learning the ropes and juggling through my priorities. You have helped me to learn a lot and have loads of fun while doing so. - Harish -- Pure in heart, like uncut jade, he cleared the muddy water by leaving it alone. ___ Evolution-hackers mailing list Evolution-hackers@gnome.org http://mail.gnome.org/mailman/listinfo/evolution-hackers
