/ 
Email-MIME-1.939-TRIAL
River stage three • 70 direct dependents • 184 total dependents
⭐ Starred 20 GitHub stars
Security Advisories (1)
CVE-2024-4140 (2024-05-02)

An excessive memory use issue (CWE-770) exists in Email-MIME, before version 1.954, which can cause denial of service when parsing multipart MIME messages. The patch set (from 2020 and 2024) limits excessive depth and the total number of parts.

Changes for version 1.939 - 2017-01-14 (TRIAL RELEASE)

  • do not decode MIME headers known to be never encoded (Pali Rohár)
  • ...and that includes the Downgraded-* headers (Pali Rohár)

Changes for version 1.938 - 2017-01-01 (TRIAL RELEASE)

  • numerous small fixes to header encoding (thanks, Pali Rohár) for more details see https://github.com/rjbs/Email-MIME/pull/32
  • When a single-part content type has been provided with multiple parts, the user is now warned that the type has been changed to multipart/mixed. This helps catch typos like "mutlipart/alternative".

Modules

Email::MIME
easy MIME message handling
Email::MIME::Creator
obsolete do-nothing library
Email::MIME::Encode
a private helper for MIME header encoding
Email::MIME::Header
the header of a MIME message
Email::MIME::Modifier
obsolete do-nothing library

Other files