[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[nmh-commits] [SCM] The nmh Mail Handling System branch, gmailapis, upda
|
From: |
David Levine |
|
Subject: |
[nmh-commits] [SCM] The nmh Mail Handling System branch, gmailapis, updated. 1.8-163-g740361e4 |
|
Date: |
Sat, 18 Nov 2023 09:50:31 -0500 (EST) |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The nmh Mail Handling System".
The branch, gmailapis has been updated
via 740361e4f3347c949e5ed4568699495c21114c93 (commit)
via b59b8f5ee3ce8d37d1a9971dcf8abb3ec26e5ae9 (commit)
via a5bf8c7bdc0393a0c6c5813c1b67c806fc93970f (commit)
via 3a1f353fb1f890bbcdc70e06b1946366da9e343d (commit)
from 3e2d7be7a8c004a7c3b6e64f38041ff96154ce62 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 740361e4f3347c949e5ed4568699495c21114c93
Author: David Levine <levinedl@acm.org>
Date: Sat Nov 18 09:46:51 2023 -0500
Resolved CWE 78 potential vulnerabilities revealed by CASA Fortify scan.
All were due to passing the argument to a -folder option directly to an
os function. Mitigate by only allowing alphanumeric, ',', '-', '.', '/',
and '_' characters in the folder name.
Also neutralize ginc.py -delivery and gpost.py alias file names.
commit b59b8f5ee3ce8d37d1a9971dcf8abb3ec26e5ae9
Author: David Levine <levinedl@acm.org>
Date: Mon Nov 13 20:32:29 2023 -0500
Fix detection of invalid From: address in gpost.py.
commit a5bf8c7bdc0393a0c6c5813c1b67c806fc93970f
Author: David Levine <levinedl@acm.org>
Date: Mon Nov 13 20:06:00 2023 -0500
Resolved CWE 497 potential vulnerabilities revealed by CASA Fortify scan.
All were due to printing out the value of an Exception when displaying
error messages. Prevent that by not referring to the Exception.
CWE = Common Weakness Enumeration
CASA = Cloud Application Security Assessment
commit 3a1f353fb1f890bbcdc70e06b1946366da9e343d
Author: David Levine <levinedl@acm.org>
Date: Fri Nov 10 10:43:03 2023 -0500
Removed unused progname argument from several internal functions.
The functions are update_oauth2_creds(), login(), and authenticate().
-----------------------------------------------------------------------
Summary of changes:
docs/contrib/gmailapis/ginc.py | 52 +++++++-----
docs/contrib/gmailapis/glogin.py | 21 +++--
docs/contrib/gmailapis/gpost.py | 150 +++++++++++++++++++++------------
docs/contrib/gmailapis/gpost_test.py | 26 +++++-
docs/contrib/gmailapis/nmh_gmailapi.py | 62 ++++++++++----
5 files changed, 205 insertions(+), 106 deletions(-)
hooks/post-receive
--
The nmh Mail Handling System
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [nmh-commits] [SCM] The nmh Mail Handling System branch, gmailapis, updated. 1.8-163-g740361e4,
David Levine <=