aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Fixed a possible list membership leak via the user options CGI.HEADupstream/2.1masterMark Sapiro2022-07-091-30/+30
|
* Improve fix for lp:1961762 in prior commit.Mark Sapiro2022-02-221-1/+2
|
* Avoid 500 Internal Server Error for non-member with private roster.Mark Sapiro2022-02-221-2/+2
|
* Bumped branch version to: 2.1.39Mark Sapiro2021-12-131-2/+2
|
* Fix NameError and case sensitivity in CSRF check.Mark Sapiro2021-12-131-2/+2
|
* Bumped branch version to: 2.1.38Mark Sapiro2021-11-301-2/+2
|
* Block CSRF attack against admin or admindb pages.Mark Sapiro2021-11-304-5/+21
|
* Prior commit was incomplete.Mark Sapiro2021-11-231-4/+5
|
* Avoid NotAMemberError in CSRF check from user options page.Mark Sapiro2021-11-211-11/+11
|
* Bumped branch version to: 2.1.37Mark Sapiro2021-11-121-2/+2
|
* Fix admindb for list with no mod password.Mark Sapiro2021-11-122-2/+3
|
* Bumped branch version to: 2.1.36Mark Sapiro2021-11-111-2/+2
|
* Use moderator rather than admin for admindb CSRF token.Mark Sapiro2021-11-031-2/+1
|
* Fix a potentail XSS attack via the user options page.Mark Sapiro2021-11-031-0/+2
|
* Bumped branch version to: 2.1.35Mark Sapiro2021-10-191-2/+2
|
* Fixes for CVEs 2021-42096 and 2021-42097.Mark Sapiro2021-10-183-16/+32
|
* Improve doc for VERP_PASSWORD_REMINDERS.Mark Sapiro2021-10-011-1/+4
|
* DMARC policy ignores domains with multiple DMARC records.Mark Sapiro2021-06-061-1/+2
|
* Translate 'disabled' when used.Mark Sapiro2021-04-071-1/+3
|
* Improve fix for lp:1921682.Mark Sapiro2021-03-311-2/+4
|
* Decode message bodies for replies in CommandRunner.Mark Sapiro2021-03-301-0/+3
|
* Fix bug in prior commit.Mark Sapiro2021-03-061-2/+2
|
* Thghten conditions for scrubbing text/plain.Mark Sapiro2021-03-051-1/+7
|
* Fix missing Subject: in some Wrap Message wrappers.Mark Sapiro2021-02-141-2/+8
|
* Added recognition for a non-compliant DSN from an unknown MTA.Mark Sapiro2020-12-181-0/+4
|
* Added onhashchange to the HTML _badwords list.Mark Sapiro2020-10-221-0/+1
|
* Bumped branch version to: 2.1.34Mark Sapiro2020-06-261-2/+2
|
* Truncate very long names for scrubbed attachments.Mark Sapiro2020-06-211-1/+2
|
* Implement WARN_MEMBER_OF_SUBSCRIBE subscribe setting.Mark Sapiro2020-06-102-0/+5
|
* DMARC mitigation no longer misses upper case names.Mark Sapiro2020-05-281-2/+4
|
* Extend REFUSE_SECOND_PENDING to unsubscription as well.Mark Sapiro2020-05-184-8/+21
|
* Fix potential ValueError in MailList.CheckPending.Mark Sapiro2020-05-131-4/+3
|
* Bumped branch version to: 2.1.33Mark Sapiro2020-05-071-2/+2
|
* Fixed content injection vulnerability via the private login page.Mark Sapiro2020-05-071-7/+3
|
* Bumped branch version to: 2.1.32Mark Sapiro2020-05-051-2/+2
|
* Bumped branch version to: 2.1.31Mark Sapiro2020-05-051-2/+2
|
* Fixed options login content injection vulnerability.Mark Sapiro2020-05-051-1/+1
|
* Workaround non-ascii in string.lowercase.Mark Sapiro2020-04-251-0/+4
|
* Updates to bounce recognition.Mark Sapiro2020-04-251-0/+4
|
* Bumped branch version to: 2.1.30Mark Sapiro2020-04-131-3/+3
|
* Valid address pattern needs to consume the whole string.Mark Sapiro2020-01-161-1/+1
|
* Fixed SimpleMatch to only return valid addresses.Mark Sapiro2020-01-162-7/+28
|
* Bumped branch version to: 2.1.30rc1Mark Sapiro2020-01-111-4/+4
|
* Implement REFUSE_SECOND_PENDING setting to prevent multiple pending subscribes.Mark Sapiro2020-01-095-0/+37
|
* Fix possible UnicodeDecodeError in sending subscription confirmation.Mark Sapiro2019-11-081-2/+3
|
* Implement new drop_cc switch.Mark Sapiro2019-11-086-3/+30
|
* Changed new 'Successfully unsubscribed:' to existingMark Sapiro2019-10-051-1/+1
| | | 'Successfully Unsubscribed:' and updated i18n.
* Implemented web admin sync members.Mark Sapiro2019-09-172-2/+110
|
* Implement Ralf Jung's captcha feature for the subscribe form.Mark Sapiro2019-06-194-6/+82
|\
| * Don't enable CAPTCHA if 'en' key is not setRalf Jung2019-06-101-1/+1
| |