Author Dain Dwarf
Recipients Dain Dwarf, barry, bortzmeyer, cnicodeme, jpic, jwilk, kal.sze, msapiro, nicoe, r.david.murray, vstinner, xtreak
Date 2019-04-29.11:42:55
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
Hello, kind of new here.

I just wanted to note that the issue that lead to Tchap's security attack still exists in the non-deprecated message_from_string function:

email.message_from_string('From:', policy=email.policy.default)['from'].addresses

(Address(display_name='', username='a', domain=''),)

So, deprecating parseaddr is not enough for security purpose, unless there is another ticket for the new email API.
Date User Action Args
2019-04-29 11:42:55Dain Dwarfsetrecipients: + Dain Dwarf, barry, vstinner, msapiro, jwilk, r.david.murray, nicoe, kal.sze, xtreak, cnicodeme, bortzmeyer, jpic
2019-04-29 11:42:55Dain Dwarfsetmessageid: <>
2019-04-29 11:42:55Dain Dwarflinkissue34155 messages
2019-04-29 11:42:55Dain Dwarfcreate