aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMark Sapiro <mark@msapiro.net>2018-03-08 17:33:07 -0800
committerMark Sapiro <mark@msapiro.net>2018-03-08 17:33:07 -0800
commit21eafd3e46083eded01f67ea828bc7b46ffb3f07 (patch)
treefb8227f504f69e8423595805f21bf1c7b7b53261
parente61719889de7b570adb19af5e223c66f1e09e8bc (diff)
downloadmailman2-21eafd3e46083eded01f67ea828bc7b46ffb3f07.tar.gz
mailman2-21eafd3e46083eded01f67ea828bc7b46ffb3f07.tar.xz
mailman2-21eafd3e46083eded01f67ea828bc7b46ffb3f07.zip
Added a few more badword checks to Utils.suspiciousHTML().
Added validation of GUI updates to host_name.
-rw-r--r--Mailman/Gui/General.py10
-rw-r--r--Mailman/Utils.py31
-rw-r--r--NEWS5
3 files changed, 41 insertions, 5 deletions
diff --git a/Mailman/Gui/General.py b/Mailman/Gui/General.py
index 980e5f2b..dfde6309 100644
--- a/Mailman/Gui/General.py
+++ b/Mailman/Gui/General.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2001-2014 by the Free Software Foundation, Inc.
+# Copyright (C) 2001-2018 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -559,6 +559,14 @@ mlist.info.
or not isinstance(val, IntType)):
doc.addError(_("""<b>admin_member_chunksize</b> attribute not
changed! It must be an integer > 0."""))
+ elif property == 'host_name':
+ try:
+ Utils.ValidateEmail('user@' + val)
+ except Errors.EmailAddressError:
+ doc.addError(_("""<b>host_name</b> attribute not changed!
+ It must be a valid domain name."""))
+ else:
+ GUIBase._setValue(self, mlist, property, val, doc)
else:
GUIBase._setValue(self, mlist, property, val, doc)
diff --git a/Mailman/Utils.py b/Mailman/Utils.py
index 9dbd0b55..fd6ac796 100644
--- a/Mailman/Utils.py
+++ b/Mailman/Utils.py
@@ -1,4 +1,4 @@
-# Copyright (C) 1998-2017 by the Free Software Foundation, Inc.
+# Copyright (C) 1998-2018 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -1019,6 +1019,7 @@ _badwords = [
'<meta',
'<object',
'<script',
+ '@keyframes',
r'\bj(?:ava)?script\b',
r'\bvbs(?:cript)?\b',
r'\bdomactivate\b',
@@ -1035,12 +1036,14 @@ _badwords = [
r'\bon(?:de)?activate\b',
r'\bon(?:after|before)print\b',
r'\bon(?:after|before)update\b',
+ r'\b(?:on)?animation(?:end|iteration|start)\b',
r'\bonbefore(?:(?:de)?activate|copy|cut|editfocus|paste)\b',
r'\bonbeforeunload\b',
r'\bonbegin\b',
r'\bonblur\b',
r'\bonbounce\b',
r'\bonbroadcast\b',
+ r'\boncanplay(?:through)?\b',
r'\bon(?:cell)?change\b',
r'\boncheckboxstatechange\b',
r'\bon(?:dbl)?click\b',
@@ -1056,7 +1059,9 @@ _badwords = [
r'\bondrag(?:drop|end|enter|exit|gesture|leave|over)?\b',
r'\bondragstart\b',
r'\bondrop\b',
- r'\bonend\b',
+ r'\bondurationchange\b',
+ r'\bonemptied\b',
+ r'\bonend(?:ed)?\b',
r'\bonerror(?:update)?\b',
r'\bonfilterchange\b',
r'\bonfinish\b',
@@ -1066,21 +1071,28 @@ _badwords = [
r'\bonkey(?:up|down|press)\b',
r'\bonlayoutcomplete\b',
r'\bon(?:un)?load\b',
+ r'\bonloaded(?:meta)?data\b',
+ r'\bonloadstart\b',
r'\bonlosecapture\b',
r'\bonmedia(?:complete|error)\b',
+ r'\bonmessage\b',
r'\bonmouse(?:down|enter|leave|move|out|over|up|wheel)\b',
r'\bonmove(?:end|start)?\b',
r'\bon(?:off|on)line\b',
+ r'\bonopen\b',
r'\bonoutofsync\b',
r'\bonoverflow(?:changed)?\b',
r'\bonpage(?:hide|show)\b',
r'\bonpaint\b',
r'\bonpaste\b',
r'\bonpause\b',
+ r'\bonplay(?:ing)?\b',
+ r'\bonpopstate\b',
r'\bonpopup(?:hidden|hiding|showing|shown)\b',
r'\bonprogress\b',
r'\bonpropertychange\b',
r'\bonradiostatechange\b',
+ r'\bonratechange\b',
r'\bonreadystatechange\b',
r'\bonrepeat\b',
r'\bonreset\b',
@@ -1090,19 +1102,30 @@ _badwords = [
r'\bonrow(?:delete|enter|exit|inserted)\b',
r'\bonrows(?:delete|enter|inserted)\b',
r'\bonscroll\b',
- r'\bonseek\b',
+ r'\bonsearch\b',
+ r'\bonseek(?:ed|ing)?\b',
r'\bonselect(?:start)?\b',
r'\bonselectionchange\b',
+ r'\bonshow\b',
r'\bonstart\b',
+ r'\bonstalled\b',
r'\bonstop\b',
+ r'\bonstorage\b',
r'\bonsubmit\b',
+ r'\bonsuspend\b',
r'\bonsync(?:from|to)preference\b',
r'\bonsyncrestored\b',
r'\bontext\b',
- r'\bontimeerror\b',
+ r'\bontime(?:error|update)\b',
+ r'\bontoggle\b',
+ r'\bontouch(?:cancel|end|move|start)\b',
r'\bontrackchange\b',
+ r'\b(?:on)?transitionend\b',
r'\bonunderflow\b',
r'\bonurlflip\b',
+ r'\bonvolumechange\b',
+ r'\bonwaiting\b',
+ r'\bonwheel\b',
r'\bseeksegmenttime\b',
r'\bsvgabort\b',
r'\bsvgerror\b',
diff --git a/NEWS b/NEWS
index 4e707a72..1541b414 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,11 @@ Here is a history of user visible changes to Mailman.
2.1.27 (xx-xxx-xxxx)
+ Security
+
+ - Existing protections against malicious listowners injecting evil
+ scripts into listinfo pages have had a few more checks added.
+
Bug fixes and other patches
- Bad values in a list's topics will no longer break everything that