ANNOUNCE: MHonArc v2.4.8

2001-04-14 17:44:14
MHonArc Users,

v2.4.8 is now available for download from <>
and <>.

This release contains bug fixes and a few enhancements requests.
A major fix is a work-around solution to perl crashing on HTML messages
that include large comment declarations.  I modified the comment
declaration processing code in the HTML filter that should avoid perl
from crashing but still prevent messages from trying to exploit sites.

Since I have been busy with regular work, there is still a TODO list.
Instead of waiting to try to get most of the items done before making
releases, I am taking the approach of making minor releases as changes
are made so there is not a long wait before anything is seen.

Summary of changes in v2.4.8:

04/13/2001      (2.4.8)

    o   Added the following resources:

            KEEPONRMM           Do not remove message files from disk
                                when messages are removed from the

    o   m2h_text_plain::filter now uses CHARSETCONVERTERS for
        translating text data with a specified charset parameter.
        The only exception is iso-2022-jp, which is handled directly
        to properly support nourl flag.

    o   m2h_external::filter new arguments:

                  A comma separated list of message specified filename
                  extensions to exclude.  I.e.  If the filename
                  extension matches an extension in excludeexts, the
                  content will not be written.  The return markup
                  will contain the name of the attachment, but no
                  link to the data.  This option is best used with
                  application/octet-stream to exclude unwanted data
                  that is not tagged with the proper content-type.
                  The m2h_null::filter can be used to exclude content
                  by content-type.

    o   m2h_null::filter will now output a one line description
        of the excluded content.  This is so the reader knows that
        there was message content not saved within the archive.

    o   m2h_text_plain::filter new arguments:

        usename         If extracting uuencoded data, the filename
                        specified should be used.

    o   m2h_text_html::filter new arguments:

        allowcomments   Preserve any comment declarations.  Normally
                        Comment declarations are munged to prevent
                        SSI attacks or comments that can conflict
                        with MHonArc processing.  Use this option
                        with care.

        (NOTE: Comment declarations were completely stripped before,
         but the regex used was known to crash perl on large comment
         declarations, so a simplier expression is now used to
         modify comment declarations to prevent possible attacks.)

Bug Fixes
Version:        2.4.7, and earlier
Problem:        Message with HTML content can cause perl to crash.
                Other symptom would be that a stale .mhonarc.lck
                directory would exist preventing further archive
Solution:       There appears to be a bug in perl's regex engine.
                The fix was to change comment declaration
                removal expression into a simplier one that just
                munges (removes parts) to avoid crashes.
Version Fixed:  2.4.8
Version:        2.4.7, and earlier
Problem:        Prefixing second argument to $PGLINKLIST()$ with
                a 'T' cause no thread page links to be rendered after
                current thread index page.
Solution:       Fixed in Make sure to strip 'T' from
                both arguments before evaluating numeric values.
Version Fixed:  2.4.8
Version:        2.4.7, and earlier
Problem:        Default CHARSETCONVERTERS values for latin[1-6] charsets
                causing require error.
Solution:       Fixed in (typo in library filename).
Version Fixed:  2.4.8

<Prev in Thread] Current Thread [Next in Thread>