POP3 is broken #2756
POP3 is broken #2756
Conversation
nextgens
added
priority/p0
|
Thanks for submitting this pull request. bors try Note: if this build fails, read this. |
|
bors try |
tryAlready running a review |
tryBuild failed: |
|
bors try |
tryBuild failed: |
|
bors try |
tryBuild failed: |
|
bors try |
|
bors try |
tryAlready running a review |
tryBuild failed: |
|
bors try |
tryBuild failed: |
|
bors try |
tryBuild succeeded: |
There was a problem hiding this comment.
With the suggested changes it should be fine. The delimiter must be random to make sure an attacker cannot put the delimiter in the newsfragment and still have the ability to execute random code.
I tested it here:
https://github.com/Diman0/Mailu_Fork/actions/runs/4644712577/jobs/8220143961
https://github.com/Diman0/Mailu_Fork/releases/tag/1.9.29
|
bors try |
tryBuild succeeded: |
| conn.ehlo() | ||
| conn.login(username, password) | ||
| print(f'Authenticating to smtp://{username}:{password}@{server}:25/ worked without STARTTLS!') | ||
| os.exit(104) |
There was a problem hiding this comment.
| os.exit(104) | |
| os.exit(106) |
due to the above changes this number must be bumped to make it unique.
|
bors try |
Diman0
added
the
type/backport
tryBuild succeeded: |
|
bors r+ |
|
Build succeeded: |
2758: POP3 is broken (backport #2756) r=mergify[bot] a=mergify[bot] This is an automatic backport of pull request #2756 done by [Mergify](https://mergify.com). --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - ``@Mergifyio` refresh` will re-evaluate the rules - ``@Mergifyio` rebase` will rebase this PR on its base branch - ``@Mergifyio` update` will merge the base branch into this PR - ``@Mergifyio` backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details> Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
What type of PR?
bug-fix
What does this PR do?
Add a test to show it's broken, then fix it.
Related issue(s)
Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.