-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Jan,
This is more a configuration problem: all these modules (php, python or
whatever) should be disabled where hypermail ouputs its files, as if
someone sends a mail with a .php file as attachment (or for another
module), it will be hosted as-is (f
Hi Kevin,
> For anybody who falls on this bug, PHP MUST BE disabled where hypermail
> outputs its files, or i guess someone can hack you by sending php files
> to the list and you will host those backdoors..!
how is this going to work? The first line that hypermail writes contains
"
signature.as
For anybody who falls on this bug, PHP MUST BE disabled where hypermail
outputs its files, or i guess someone can hack you by sending php files
to the list and you will host those backdoors..!
This bug is invalid and it highlights a dangerous config.
--
To UNSUBSCRIBE, email to debian-bugs-dist
3 matches
Mail list logo
