From 4dc70bbcc0856b2a27d0d6c0a2def51433712e36 Mon Sep 17 00:00:00 2001
From: msapiro <>
Date: Fri, 23 Jun 2006 20:03:32 +0000
Subject: - Decorate.py  Fixed bug 1507248 by ignoring header/footer characters
   outside the character set of the list's language.

- Utils.py  Fixed a security hole which allowed a crafted URI to inject
  bogus apparent messages into the error log, possibly inducing an admin to
  visit a phishing site.
---
 Mailman/Handlers/Decorate.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'Mailman/Handlers')

diff --git a/Mailman/Handlers/Decorate.py b/Mailman/Handlers/Decorate.py
index 41db3950..d6b20391 100644
--- a/Mailman/Handlers/Decorate.py
+++ b/Mailman/Handlers/Decorate.py
@@ -95,8 +95,8 @@ def process(mlist, msg, msgdata):
         # TK: Try to keep the message plain by converting the header/
         # footer/oldpayload into unicode and encode with mcset/lcset.
         # Try to decode qp/base64 also.
-        uheader = unicode(header, lcset)
-        ufooter = unicode(footer, lcset)
+        uheader = unicode(header, lcset, 'ignore')
+        ufooter = unicode(footer, lcset, 'ignore')
         try:
             oldpayload = unicode(msg.get_payload(decode=True), mcset)
             frontsep = endsep = u''
-- 
cgit v1.2.3