[ZendTo] ANNOUNCE: Version 5.10-1 "production" released

Jules Jules at Zend.To
Sun Jul 1 12:11:41 BST 2018 

Bryan,

Check you /opt/zendto/templates directory for any *.rpmnew files.
And make sure you have cleared your browser cache.

It behaves correctly for me.

(Feel free to try at https://dropoff.soton.ac.uk which I have just 
upgraded, you can send me a drop-off to Jules at ecs.soton.ac.uk if you like).

If you exit the passphrase dialog without a non-empty passphrase, the 
tickbox should untick itself.

Cheers,
Jules.

On 01/07/2018 4:02 am, Bryan Jones via ZendTo wrote:
> I've identified a potential issue with the new file encryption 
> function of 5.10-1.
>
> It is possible to deliver an encrypted file with a blank passphrase, 
> that cannot be decrypted and downloaded by the recipient:
>
> Upon checking to box to "Encrypt every file", you're presented the 
> dialog to provide a passphrase. It is possible to exit that box 
> without supplying a passphrase. However the "Encrypt every file" 
> option is still selected.
> At that point, you can upload files, and deliver them, and they are 
> encrypted.
> Upon notification to the recipient, they see the file delivery, but 
> upon attempting to download, they're prompted for a passphrase. 
> However, no passphrase was originally supplied, and it is not possible 
> to submit a blank passphrase.
> The files are therefore not retrievable.
>
> If the person dropping off the files exits the passphrase dialog box 
> without supplying a passphrase, the "Encypt every file" selection 
> should probably be reverted.
>
> This is an installation of 5.03-1 that was upgraded.
>
> --
> Bryan Jones
>
> P.S. Love the tool... taking to my executive board of my non-profit on 
> Monday for approval to deploy. We will be donating if this is accepted.
>
>
> *Disclaimer*
>
> The information contained in this communication from the sender is 
> confidential. It is intended solely for use by the recipient and 
> others authorized to receive it. If you are not the recipient, you are 
> hereby notified that any disclosure, copying, distribution or taking 
> action in relation of the contents of this information is strictly 
> prohibited and may be unlawful.
>
> This email has been scanned for viruses and malware, and may have been 
> automatically archived.
>
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://jul.es/mailman/listinfo/zendto

Jules

-- 
Julian Field MEng CEng CITP MBCS MIEEE MACM

'All programs have a desire to be useful' - Tron, 1982

www.Zend.To
Twitter: @JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://jul.es/pipermail/zendto/attachments/20180701/5cae1cc7/attachment.html>

More information about the ZendTo mailing list