diff options
| -rw-r--r-- | Mailman/Handlers/Scrubber.py | 3 | ||||
| -rw-r--r-- | NEWS | 3 |
2 files changed, 5 insertions, 1 deletions
diff --git a/Mailman/Handlers/Scrubber.py b/Mailman/Handlers/Scrubber.py index 97e443b7..cecd11fb 100644 --- a/Mailman/Handlers/Scrubber.py +++ b/Mailman/Handlers/Scrubber.py @@ -471,7 +471,8 @@ def save_attachment(mlist, msg, dir, filter_html=True): # guessed so attachments can't lie about their type. Also, if the # filename /has/ no extension, then tack on the one we guessed. # The extension was removed from the name above. - filebase = filename + # Allow for extra and ext and keep it under 255 bytes. + filebase = filename[:240] # Now we're looking for a unique name for this file on the file # system. If msgdir/filebase.ext isn't unique, we'll add a counter # after filebase, e.g. msgdir/filebase-cnt.ext @@ -24,6 +24,9 @@ Here is a history of user visible changes to Mailman. mailbombing of a member of a list with private rosters by repeated subscribe attempts. (LP: #1883017) + - Very long filenames for scrubbed attachments are now truncated. + (LP: #1884456) + 2.1.33 (07-May-2020) Security |