eric/mailpit
1
0
Fork 0
mirror of https://github.com/axllent/mailpit.git synced 2026-06-30 07:56:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
b82960928a490764ddfcd758cb297e566d2e4b2a
mailpit/internal
History
Ralph Slooten 35079d182c Security: Fix for path traversal & arbitrary file write in mailpit dump --http via attacker-controlled message IDs (GHSA-qx5x-85p8-vg4j) 
This fix also adds HTTP data limits to prevent excessively large files being transmitted by an attacker-controlled server (fake Mailpit).
2026-05-14 15:02:07 +12:00
..
auth
Reorder send API CLI flags
2025-05-30 11:03:30 +12:00
dump
Security: Fix for path traversal & arbitrary file write in mailpit dump --http via attacker-controlled message IDs (GHSA-qx5x-85p8-vg4j)
2026-05-14 15:02:07 +12:00
html2text
Fix test expectations and handle Strip function return values in html2text tests
2026-05-09 17:26:15 +12:00
htmlcheck
Security: Block internal IP access by default in HTML check (GHSA-j3fj-qppj-fmmc)
2026-05-14 15:02:07 +12:00
linkcheck
Update inline TLS verification docs for healthcheck and link checks
2026-03-09 12:44:39 +13:00
logger
Chore: Remove logrus dependency and implement slog-based logging
2026-05-05 16:48:33 +12:00
pop3
Chore: Refactor code with go fix
2026-03-03 16:03:28 +13:00
pop3client
Chore: Refactor code with go fix
2026-03-03 16:03:28 +13:00
prometheus
Chore: Refactor Prometheus metrics implementation and remove unused dependencies
2026-05-06 16:28:43 +12:00
shortuuid
Chore: Replace lithammer/shortuuid with custom shortuuid implementation and update tests
2026-05-05 17:09:55 +12:00
smtpd
Security: Set a default 50MB p/m limit to prevent DoS via unlimited SMTP DATA and /api/v1/send body sizes (GHSA-fpxj-m5q8-fphw)
2026-05-12 17:22:00 +12:00
snakeoil
Feature: Add ability to generate self-signed (snakeoil) certificates for UI, SMTP and POP3 (#539)
2025-07-24 17:02:50 +12:00
spamassassin
Chore: Refactor error handling and resource management across multiple files (golangci-lint)
2025-06-22 15:25:21 +12:00
stats
Security: Prevent integer overflow conversion to uint64
2025-07-25 20:33:27 +12:00
storage
Refactor html2text.Strip to return an error and handle it in storage and tools packages
2026-05-09 17:21:36 +12:00
tools
Security: Include CGNAT (Carrier-Grade NAT) in internal IP checks (GHSA-j3fj-qppj-fmmc)
2026-05-14 15:01:36 +12:00