ReleaseNotes in sup-0.13.2.1 vs ReleaseNotes in sup-0.14.0
- old
+ new
@@ -1,25 +1,22 @@
-Release 0.13.2.1:
+Release 0.14.0:
-Security advisory (#SBU1) for Sup
+CJK-compatability, Psych usage, thread safety, GPGME 2.0 support. Sup is now
+Ruby 1.9 based, and apart from RMail - ready for Ruby 2.0.0.
-We have been notified of an potential exploit in the somewhat careless
-way Sup treats attachment metadata in received e-mails. The issues
-should now be fixed and I have released Sup 0.13.2.1 and 0.14.1.1 which
-incorporates these fixes. Please upgrade immediately and also ensure
-that your mime-decode or mime-view hooks are secure [0], [1].
+Sup now uses Psych as a YAML parser (default by Ruby) and your previous
+configuration files (~/.sup/*.yaml) may need to be migrated or re-created for
+them to work with the new sup. A migration script is included for this.
-This is specifically related to using quotes (',") around filename or
-content_type which is already escaped using Ruby Shellwords.escape -
-this means that the string (content_type, filename) is intended to be
-used _without_ any further quotes. Please make sure that if you use
-.mailcap (non OSX systems), you do not quote the string.
+Check https://github.com/sup-heliotrope/sup/wiki/Migration-0.13-to-0.14 for
+the latest instructions.
-Credit goes to: joernchen of Phenoelit (http://phenoelit.de) who
-discovered and suggested fixes for these issues.
+First back up your ~/.sup directory and index, after installing the new sup
+run:
-[0] https://github.com/sup-heliotrope/sup/wiki/Viewing-Attachments
-[1] https://github.com/sup-heliotrope/sup/wiki/Secure-usage-of-Sup
+$ sup-psych-ify-config-files
+
+to migrate your files. You should now be all set for buisness.
Release 0.13.2:
FreeBSD compatability and more thread safe polling.