Protect against RTLO attacks (#3609)

Protect against RTLO attackts
2026-05-08 17:36:29 +03:00 · 2023-04-07 10:36:37 +02:00
parent 36bec9c295
commit eed8e08145
7 changed files with 79 additions and 22 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,8 +7,10 @@
 - Remove upper limit on the attachment size. #4253
 - Update rPGP to 0.10.1. #4236
 - Compress `mime_headers` column with HTML emails stored in database
+- Strip BIDI characters in system messages, files, group names and contact names #3479
 - maybe_add_time_based_warnings(): Use release date instead of the provider DB update one

+
 ### Fixes
 - Fix python bindings README documentation on installing the bindings from source.
 - Show a warning if quota list is empty #4261
@@ -219,7 +221,6 @@
 - Do not treat invalid email addresses as an exception #3942
 - Add timeouts to HTTP requests #3948

-
 ## 1.105.0

 ### Changes
@@ -305,7 +306,6 @@
 - Disable read timeout during IMAP IDLE #3826
 - Bots automatically accept mailing lists #3831

-
 ## 1.102.0

 ### Changes