ReleaseNotes in sup-0.13.2.1 vs ReleaseNotes in sup-0.14.0

- old
+ new

@@ -1,25 +1,22 @@ -Release 0.13.2.1: +Release 0.14.0: -Security advisory (#SBU1) for Sup +CJK-compatability, Psych usage, thread safety, GPGME 2.0 support. Sup is now +Ruby 1.9 based, and apart from RMail - ready for Ruby 2.0.0. -We have been notified of an potential exploit in the somewhat careless -way Sup treats attachment metadata in received e-mails. The issues -should now be fixed and I have released Sup 0.13.2.1 and 0.14.1.1 which -incorporates these fixes. Please upgrade immediately and also ensure -that your mime-decode or mime-view hooks are secure [0], [1]. +Sup now uses Psych as a YAML parser (default by Ruby) and your previous +configuration files (~/.sup/*.yaml) may need to be migrated or re-created for +them to work with the new sup. A migration script is included for this. -This is specifically related to using quotes (',") around filename or -content_type which is already escaped using Ruby Shellwords.escape - -this means that the string (content_type, filename) is intended to be -used _without_ any further quotes. Please make sure that if you use -.mailcap (non OSX systems), you do not quote the string. +Check https://github.com/sup-heliotrope/sup/wiki/Migration-0.13-to-0.14 for +the latest instructions. -Credit goes to: joernchen of Phenoelit (http://phenoelit.de) who -discovered and suggested fixes for these issues. +First back up your ~/.sup directory and index, after installing the new sup +run: -[0] https://github.com/sup-heliotrope/sup/wiki/Viewing-Attachments -[1] https://github.com/sup-heliotrope/sup/wiki/Secure-usage-of-Sup +$ sup-psych-ify-config-files + +to migrate your files. You should now be all set for buisness. Release 0.13.2: FreeBSD compatability and more thread safe polling.