Endian Bugtracker
Endian Issue Tracker





Please see now our new Bugtracker system: JIRA








View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0003105Endian FirewallInput Validationpublic2010-08-10 18:112010-10-08 17:49
Reportersimon-endian 
Assigned To 
PrioritynormalSeverityminorReproducibilityalways
StatusconfirmedResolutionopen 
PlatformOSOS Version
Product Version2.3 
Target VersionfutureFixed in Version 
Summary0003105: if spam subject contains ' amavisd does not start
Descriptionthis happens because single quotes are not escaped in template (/etc/amavisd.conf)
Tagspurple
Attached Files

- Relationships

-  Notes
(0004703)
luca-endian (developer)
2010-08-31 15:40
edited on: 2010-08-31 15:44

It happens with: ' and maybe other special chars in (2.3 as well)

The ' are kept in /var/efw/smtpscan/settings and /etc/amavisd.conf
then
/etc/init.d/amavisd start [FAILED].....

(0004925)
peter-endian (administrator)
2010-10-08 17:46

space is fixed, ' not
(0004926)
peter-endian (administrator)
2010-10-08 17:48

i think we will not fix this right now, simply do not use ' in spam subjects

input validation will be greatly improved when we switch to emi.

- Issue History
Date Modified Username Field Change
2010-08-10 18:11 simon-endian New Issue
2010-08-31 15:38 luca-endian Tag Attached: purple
2010-08-31 15:40 luca-endian Note Added: 0004703
2010-08-31 15:44 luca-endian Note Edited: 0004703
2010-10-08 17:46 peter-endian Note Added: 0004925
2010-10-08 17:47 peter-endian Summary if spam subject contains spaces amavisd does not start => if spam subject contains ' amavisd does not start
2010-10-08 17:48 peter-endian Note Added: 0004926
2010-10-08 17:48 peter-endian Status new => confirmed
2010-10-08 17:48 peter-endian Project not released => Endian Firewall
2010-10-08 17:49 peter-endian Severity block => minor
2010-10-08 17:49 peter-endian Category Proxy SMTP => Input Validation
2010-10-08 17:49 peter-endian Target Version => future

Copyright © 2005-2008 Endian, SRL. All rights reserved.


Copyright © 2000 - 2012 MantisBT Group
Powered by Mantis Bugtracker