diff options
| author | Mark Sapiro <msapiro@value.net> | 2007-12-04 11:52:18 -0800 |
|---|---|---|
| committer | Mark Sapiro <msapiro@value.net> | 2007-12-04 11:52:18 -0800 |
| commit | 18f080804e368c63de499b32717d57701aaf8880 (patch) | |
| tree | b9f33705aaf602cc16984f9e4c87c04ec12777bb | |
| parent | 23c33ffc04737e21135743bdb7c56921966176a6 (diff) | |
| download | mailman2-18f080804e368c63de499b32717d57701aaf8880.tar.gz mailman2-18f080804e368c63de499b32717d57701aaf8880.tar.xz mailman2-18f080804e368c63de499b32717d57701aaf8880.zip | |
Mailman/Cgi/edithtml.py
Mailman/Gui/General.py
Mailman/Utils.py - Better detection of potentially evil HTML in GUI.
Mailman/Version.py
NEWS - Updates for 2.1.10b1 release.
Mailman/Gui/General.py
messages/mailman.pot - Added admin_member_chunksize to Gui. Two new
associated messages.
Diffstat (limited to '')
| -rw-r--r-- | Mailman/Cgi/edithtml.py | 17 | ||||
| -rw-r--r-- | Mailman/Gui/General.py | 32 | ||||
| -rw-r--r-- | Mailman/Utils.py | 151 | ||||
| -rw-r--r-- | Mailman/Version.py | 6 | ||||
| -rw-r--r-- | NEWS | 58 | ||||
| -rw-r--r-- | messages/mailman.pot | 170 |
6 files changed, 322 insertions, 112 deletions
diff --git a/Mailman/Cgi/edithtml.py b/Mailman/Cgi/edithtml.py index b5967b34..3aa8ab4e 100644 --- a/Mailman/Cgi/edithtml.py +++ b/Mailman/Cgi/edithtml.py @@ -1,4 +1,4 @@ -# Copyright (C) 1998-2006 by the Free Software Foundation, Inc. +# Copyright (C) 1998-2007 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -159,7 +159,20 @@ def ChangeHTML(mlist, cgi_info, template_name, doc): doc.AddItem('<hr>') return code = cgi_info['html_code'].value - code = re.sub(r'<([/]?script.*?)>', r'<\1>', code) + if Utils.suspiciousHTML(code): + doc.AddItem(Header(3, + _("""The page you saved contains suspicious HTML that could +potentially expose your users to cross-site scripting attacks. This change +has therefore been rejected. If you still want to make these changes, you +must have shell access to your Mailman server. + """))) + doc.AddItem(_('See ')) + doc.AddItem(Link( +'http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq04.048.htp', + _('FAQ 4.48.'))) + doc.AddItem(Header(3,_("Page Unchanged."))) + doc.AddItem('<hr>') + return langdir = os.path.join(mlist.fullpath(), mlist.preferred_language) # Make sure the directory exists omask = os.umask(0) diff --git a/Mailman/Gui/General.py b/Mailman/Gui/General.py index 6b03fd2c..8271a30e 100644 --- a/Mailman/Gui/General.py +++ b/Mailman/Gui/General.py @@ -1,4 +1,4 @@ -# Copyright (C) 2001-2006 by the Free Software Foundation, Inc. +# Copyright (C) 2001-2007 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -19,6 +19,8 @@ import re +from types import IntType + from Mailman import mm_cfg from Mailman import Utils from Mailman import Errors @@ -358,6 +360,10 @@ class General(GUIBase): _('''Maximum length in kilobytes (KB) of a message body. Use 0 for no limit.''')), + ('admin_member_chunksize', mm_cfg.Number, 7, 0, + _('''Maximum number of members to show on one page of the + Membership List.''')), + ('host_name', mm_cfg.Host, WIDTH, 0, _('Host name this list prefers for email.'), @@ -436,17 +442,25 @@ class General(GUIBase): # Convert any html entities to Unicode mlist.subject_prefix = Utils.canonstr( val, mlist.preferred_language) + elif property == 'info': + if val <> mlist.info: + if Utils.suspiciousHTML(val): + doc.addError(_("""The <b>info</b> attribute you saved +contains suspicious HTML that could potentially expose your users to cross-site +scripting attacks. This change has therefore been rejected. If you still want +to make these changes, you must have shell access to your Mailman server. +This change can be made with bin/withlist or with bin/config_list by setting +mlist.info. + """)) + else: + mlist.info = val + elif property == 'admin_member_chunksize' and (val < 1 + or not isinstance(val, IntType)): + doc.addError(_("""<b>admin_member_chunksize</b> attribute not + changed! It must be an integer > 0.""")) else: GUIBase._setValue(self, mlist, property, val, doc) - def _escape(self, property, value): - # The 'info' property allows HTML, but let's sanitize it to avoid XSS - # exploits. Everything else should be fully escaped. - if property <> 'info': - return GUIBase._escape(self, property, value) - # Sanitize <script> and </script> tags but nothing else. Not the best - # solution, but expedient. - return re.sub(r'(?i)<([/]?script.*?)>', r'<\1>', value) def _postValidate(self, mlist, doc): if not mlist.reply_to_address.strip() and \ diff --git a/Mailman/Utils.py b/Mailman/Utils.py index 2641875c..7b2cf439 100644 --- a/Mailman/Utils.py +++ b/Mailman/Utils.py @@ -876,3 +876,154 @@ def oneline(s, cset): except (LookupError, UnicodeError, ValueError, HeaderParseError): # possibly charset problem. return with undecoded string in one line. return EMPTYSTRING.join(s.splitlines()) + + +# Patterns and functions to flag possible XSS attacks in HTML. +# This list is compiled from information at http://ha.ckers.org/xss.html, +# http://www.quirksmode.org/js/events_compinfo.html, +# http://www.htmlref.com/reference/appa/events1.htm, +# http://lxr.mozilla.org/mozilla/source/content/events/src/nsDOMEvent.cpp#59, +# http://www.w3.org/TR/DOM-Level-2-Events/events.html and +# http://www.xulplanet.com/references/elemref/ref_EventHandlers.html +# Many thanks are due to Moritz Naumann for his assistance with this. +_badwords = [ + '<i?frame', + '<link', + '<meta', + '<script', + r'(?:^|\W)j(?:ava)?script(?:\W|$)', + r'(?:^|\W)vbs(?:cript)?(?:\W|$)', + r'(?:^|\W)domactivate(?:\W|$)', + r'(?:^|\W)domattrmodified(?:\W|$)', + r'(?:^|\W)domcharacterdatamodified(?:\W|$)', + r'(?:^|\W)domfocus(?:in|out)(?:\W|$)', + r'(?:^|\W)dommenuitem(?:in)?active(?:\W|$)', + r'(?:^|\W)dommousescroll(?:\W|$)', + r'(?:^|\W)domnodeinserted(?:intodocument)?(?:\W|$)', + r'(?:^|\W)domnoderemoved(?:fromdocument)?(?:\W|$)', + r'(?:^|\W)domsubtreemodified(?:\W|$)', + r'(?:^|\W)fscommand(?:\W|$)', + r'(?:^|\W)onabort(?:\W|$)', + r'(?:^|\W)on(?:de)?activate(?:\W|$)', + r'(?:^|\W)on(?:after|before)print(?:\W|$)', + r'(?:^|\W)on(?:after|before)update(?:\W|$)', + r'(?:^|\W)onbefore(?:(?:de)?activate|copy|cut|editfocus|paste)(?:\W|$)', + r'(?:^|\W)onbeforeunload(?:\W|$)', + r'(?:^|\W)onbegin(?:\W|$)', + r'(?:^|\W)onblur(?:\W|$)', + r'(?:^|\W)onbounce(?:\W|$)', + r'(?:^|\W)onbroadcast(?:\W|$)', + r'(?:^|\W)on(?:cell)?change(?:\W|$)', + r'(?:^|\W)oncheckboxstatechange(?:\W|$)', + r'(?:^|\W)on(?:dbl)?click(?:\W|$)', + r'(?:^|\W)onclose(?:\W|$)', + r'(?:^|\W)oncommand(?:update)?(?:\W|$)', + r'(?:^|\W)oncomposition(?:end|start)(?:\W|$)', + r'(?:^|\W)oncontextmenu(?:\W|$)', + r'(?:^|\W)oncontrolselect(?:\W|$)', + r'(?:^|\W)oncopy(?:\W|$)', + r'(?:^|\W)oncut(?:\W|$)', + r'(?:^|\W)ondataavailable(?:\W|$)', + r'(?:^|\W)ondataset(?:changed|complete)(?:\W|$)', + r'(?:^|\W)ondrag(?:drop|end|enter|exit|gesture|leave|over)?(?:\W|$)', + r'(?:^|\W)ondragstart(?:\W|$)', + r'(?:^|\W)ondrop(?:\W|$)', + r'(?:^|\W)onend(?:\W|$)', + r'(?:^|\W)onerror(?:update)?(?:\W|$)', + r'(?:^|\W)onfilterchange(?:\W|$)', + r'(?:^|\W)onfinish(?:\W|$)', + r'(?:^|\W)onfocus(?:in|out)?(?:\W|$)', + r'(?:^|\W)onhelp(?:\W|$)', + r'(?:^|\W)oninput(?:\W|$)', + r'(?:^|\W)onkey(?:up|down|press)(?:\W|$)', + r'(?:^|\W)onlayoutcomplete(?:\W|$)', + r'(?:^|\W)on(?:un)?load(?:\W|$)', + r'(?:^|\W)onlosecapture(?:\W|$)', + r'(?:^|\W)onmedia(?:complete|error)(?:\W|$)', + r'(?:^|\W)onmouse(?:down|enter|leave|move|out|over|up|wheel)(?:\W|$)', + r'(?:^|\W)onmove(?:end|start)?(?:\W|$)', + r'(?:^|\W)on(?:off|on)line(?:\W|$)', + r'(?:^|\W)onoutofsync(?:\W|$)', + r'(?:^|\W)onoverflow(?:changed)?(?:\W|$)', + r'(?:^|\W)onpage(?:hide|show)(?:\W|$)', + r'(?:^|\W)onpaint(?:\W|$)', + r'(?:^|\W)onpaste(?:\W|$)', + r'(?:^|\W)onpause(?:\W|$)', + r'(?:^|\W)onpopup(?:hidden|hiding|showing|shown)(?:\W|$)', + r'(?:^|\W)onprogress(?:\W|$)', + r'(?:^|\W)onpropertychange(?:\W|$)', + r'(?:^|\W)onradiostatechange(?:\W|$)', + r'(?:^|\W)onreadystatechange(?:\W|$)', + r'(?:^|\W)onrepeat(?:\W|$)', + r'(?:^|\W)onreset(?:\W|$)', + r'(?:^|\W)onresize(?:end|start)?(?:\W|$)', + r'(?:^|\W)onresume(?:\W|$)', + r'(?:^|\W)onreverse(?:\W|$)', + r'(?:^|\W)onrow(?:delete|enter|exit|inserted)(?:\W|$)', + r'(?:^|\W)onrows(?:delete|enter|inserted)(?:\W|$)', + r'(?:^|\W)onscroll(?:\W|$)', + r'(?:^|\W)onseek(?:\W|$)', + r'(?:^|\W)onselect(?:start)?(?:\W|$)', + r'(?:^|\W)onselectionchange(?:\W|$)', + r'(?:^|\W)onstart(?:\W|$)', + r'(?:^|\W)onstop(?:\W|$)', + r'(?:^|\W)onsubmit(?:\W|$)', + r'(?:^|\W)onsync(?:from|to)preference(?:\W|$)', + r'(?:^|\W)onsyncrestored(?:\W|$)', + r'(?:^|\W)ontext(?:\W|$)', + r'(?:^|\W)ontimeerror(?:\W|$)', + r'(?:^|\W)ontrackchange(?:\W|$)', + r'(?:^|\W)onunderflow(?:\W|$)', + r'(?:^|\W)onurlflip(?:\W|$)', + r'(?:^|\W)seeksegmenttime(?:\W|$)', + r'(?:^|\W)svgabort(?:\W|$)', + r'(?:^|\W)svgerror(?:\W|$)', + r'(?:^|\W)svgload(?:\W|$)', + r'(?:^|\W)svgresize(?:\W|$)', + r'(?:^|\W)svgscroll(?:\W|$)', + r'(?:^|\W)svgunload(?:\W|$)', + r'(?:^|\W)svgzoom(?:\W|$)', + ] + + +# This is the actual re to look for the above patterns +_badhtml = re.compile('|'.join(_badwords), re.IGNORECASE) +# This is used to filter non-printable us-ascii characters, some of which +# can be used to break words to avoid recognition. +_filterchars = re.compile('[\000-\011\013\014\016-\037\177-\237]') +# This is used to recognize '&#' and '%xx' strings for _translate which +# translates them to characters +_encodedchars = re.compile('(&#[0-9]+;?)|(&#x[0-9a-f]+;?)|(%[0-9a-f]{2})', + re.IGNORECASE) + + +def _translate(mo): + """Translate &#... and %xx encodings into the encoded character.""" + match = mo.group().lower().strip('&#;') + try: + if match.startswith('x') or match.startswith('%'): + val = int(match[1:], 16) + else: + val = int(match, 10) + except ValueError: + return '' + if val < 256: + return chr(val) + else: + return '' + + +def suspiciousHTML(html): + """Check HTML string for various tags, script language names and + 'onxxx' actions that can be used in XSS attacks. + Currently, this a very simple minded test. It just looks for + patterns without analyzing context. Thus, it potentially flags lots + of benign stuff. + Returns True if anything suspicious found, False otherwise. + """ + + if _badhtml.search(_filterchars.sub( + '', _encodedchars.sub(_translate, html))): + return True + else: + return False diff --git a/Mailman/Version.py b/Mailman/Version.py index e45020ad..907370da 100644 --- a/Mailman/Version.py +++ b/Mailman/Version.py @@ -16,7 +16,7 @@ # USA. # Mailman version -VERSION = "2.1.10a0" +VERSION = "2.1.10b1" # And as a hex number in the manner of PY_VERSION_HEX ALPHA = 0xa @@ -29,9 +29,9 @@ FINAL = 0xf MAJOR_REV = 2 MINOR_REV = 1 MICRO_REV = 10 -REL_LEVEL = ALPHA +REL_LEVEL = BETA # at most 15 beta releases! -REL_SERIAL = 0 +REL_SERIAL = 1 HEX_VERSION = ((MAJOR_REV << 24) | (MINOR_REV << 16) | (MICRO_REV << 8) | (REL_LEVEL << 4) | (REL_SERIAL << 0)) @@ -4,7 +4,43 @@ Copyright (C) 1998-2007 by the Free Software Foundation, Inc. Here is a history of user visible changes to Mailman. -2.1.10b0 (XX-Nov-2007) +2.1.10b1 (04-Dec-2007) + + Security + + - The 2.1.9 fixes for CVE-2006-3636 have been enhanced. In particular, + many potential cross-site scripting attacks have are now detected in + editing templates and updating the list's info attribute via the web + admin interface. Thanks again to Moritz Naumann for assistance with + this. + + New Features + + - Changed cmd_who.py to list all members if authorization is with the + list's admin or moderator password and to accept the password if the + roster is public. Also changed the web roster to show hidden members + when authorization is by site or list's admin or moderator password + (1587651). + + - Added the ability to put a list name in accept_these_nonmembers + to accept posts from members of that list (1220144). + + - Added a new 'sibling list' feature to exclude members of another list + from receiving a post from this list if the other list is in the To: or + Cc: of the post or to include members of the other list if that list is + not in the To: or Cc: of the post (Patch ID 1347962). + + - Added the admin_member_chunksize attribute to the admin General Options + interface (Bug 1072002, Partial RFE 782436). + +Internationalization + + - Added the Hebrew translation from Dov Zamir. This includes addition of + a direction ('ltr', 'rtl') to the LC_DESCRIPTIONS table. The + add_language() function defaults direction to 'ltr' to not break + existing mm_cfg.py files. + + - Added the Slovak translation from Martin Matuska. Bug fixes and other patches @@ -61,12 +97,6 @@ Here is a history of user visible changes to Mailman. - Fixed admin.py so null VARHELP category is handled (1573393). - - Changed cmd_who.py to list all members if authorization is with the - list's admin or moderator password and to accept the password if the - roster is public. Also changed the web roster to show hidden members - when authorization is by site or list's admin or moderator password - (1587651). - - Fixed OldStyleMemberships.py to preserve delivery statuses BYADMIN and BYUSER on a straight change of address (1642388). Also fixed a bug that could result in a member key with uppercase in the domain. @@ -102,24 +132,14 @@ Here is a history of user visible changes to Mailman. wasn't always found in quoted-printable encoded parts and was never found in base64 encoded parts. This is now fixed. - - Added the Hebrew translation from Dov Zamir. This includes addition of - a direction ('ltr', 'rtl') to the LC_DESCRIPTIONS table. The - add_language() function defaults direction to 'ltr' to not break - existing mm_cfg.py files. - - - Added the ability to put a list name in accept_these_nonmembers - to accept posts from members of that list (1220144). - - Fixed a mail loop if a list owner puts the list's -bounces or -admin address in the list's owner attribute (1834569). - Fixed the mailto: link in archived messages to prefix the subject with Re: and to put the correct message-id in In-Reply-To (1621278, 1834281). - - Added a new 'sibling list' feature to exclude members of another list - from receiving a post from this list if the other list is in the To: or - Cc: of the post or to include members of the other list if that list is - not in the To: or Cc: of the post (Patch ID 1347962). + - Coerced list name arguments to lower case in the change_pw, inject, + list_admins and list_owners command line tools (patch 1842412). 2.1.9 (12-Sep-2006) diff --git a/messages/mailman.pot b/messages/mailman.pot index 6d722049..7c47fd18 100644 --- a/messages/mailman.pot +++ b/messages/mailman.pot @@ -5,7 +5,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" -"POT-Creation-Date: Mon Nov 26 19:58:53 2007\n" +"POT-Creation-Date: Mon Dec 3 20:27:32 2007\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -766,13 +766,13 @@ msgstr "" #: Mailman/Gui/Bounce.py:155 Mailman/Gui/ContentFilter.py:74 #: Mailman/Gui/ContentFilter.py:116 Mailman/Gui/ContentFilter.py:120 #: Mailman/Gui/Digest.py:46 Mailman/Gui/Digest.py:62 Mailman/Gui/Digest.py:84 -#: Mailman/Gui/Digest.py:89 Mailman/Gui/General.py:154 -#: Mailman/Gui/General.py:160 Mailman/Gui/General.py:238 -#: Mailman/Gui/General.py:265 Mailman/Gui/General.py:292 -#: Mailman/Gui/General.py:303 Mailman/Gui/General.py:306 -#: Mailman/Gui/General.py:316 Mailman/Gui/General.py:321 -#: Mailman/Gui/General.py:327 Mailman/Gui/General.py:347 -#: Mailman/Gui/General.py:375 Mailman/Gui/General.py:398 +#: Mailman/Gui/Digest.py:89 Mailman/Gui/General.py:156 +#: Mailman/Gui/General.py:162 Mailman/Gui/General.py:240 +#: Mailman/Gui/General.py:267 Mailman/Gui/General.py:294 +#: Mailman/Gui/General.py:305 Mailman/Gui/General.py:308 +#: Mailman/Gui/General.py:318 Mailman/Gui/General.py:323 +#: Mailman/Gui/General.py:329 Mailman/Gui/General.py:349 +#: Mailman/Gui/General.py:381 Mailman/Gui/General.py:404 #: Mailman/Gui/NonDigest.py:45 Mailman/Gui/NonDigest.py:53 #: Mailman/Gui/NonDigest.py:140 Mailman/Gui/Privacy.py:110 #: Mailman/Gui/Privacy.py:116 Mailman/Gui/Privacy.py:149 @@ -793,13 +793,13 @@ msgstr "" #: Mailman/Gui/ContentFilter.py:74 Mailman/Gui/ContentFilter.py:116 #: Mailman/Gui/ContentFilter.py:120 Mailman/Gui/Digest.py:46 #: Mailman/Gui/Digest.py:62 Mailman/Gui/Digest.py:84 Mailman/Gui/Digest.py:89 -#: Mailman/Gui/General.py:154 Mailman/Gui/General.py:160 -#: Mailman/Gui/General.py:238 Mailman/Gui/General.py:265 -#: Mailman/Gui/General.py:292 Mailman/Gui/General.py:303 -#: Mailman/Gui/General.py:306 Mailman/Gui/General.py:316 -#: Mailman/Gui/General.py:321 Mailman/Gui/General.py:327 -#: Mailman/Gui/General.py:347 Mailman/Gui/General.py:375 -#: Mailman/Gui/General.py:398 Mailman/Gui/NonDigest.py:45 +#: Mailman/Gui/General.py:156 Mailman/Gui/General.py:162 +#: Mailman/Gui/General.py:240 Mailman/Gui/General.py:267 +#: Mailman/Gui/General.py:294 Mailman/Gui/General.py:305 +#: Mailman/Gui/General.py:308 Mailman/Gui/General.py:318 +#: Mailman/Gui/General.py:323 Mailman/Gui/General.py:329 +#: Mailman/Gui/General.py:349 Mailman/Gui/General.py:381 +#: Mailman/Gui/General.py:404 Mailman/Gui/NonDigest.py:45 #: Mailman/Gui/NonDigest.py:53 Mailman/Gui/NonDigest.py:140 #: Mailman/Gui/Privacy.py:110 Mailman/Gui/Privacy.py:116 #: Mailman/Gui/Privacy.py:149 Mailman/Gui/Privacy.py:197 @@ -3427,7 +3427,7 @@ msgid "" " Is Disabled</em> warnings. This value must be an integer." msgstr "" -#: Mailman/Gui/Bounce.py:117 Mailman/Gui/General.py:263 +#: Mailman/Gui/Bounce.py:117 Mailman/Gui/General.py:265 msgid "Notifications" msgstr "" @@ -3777,41 +3777,41 @@ msgid "" " " msgstr "" -#: Mailman/Gui/General.py:34 +#: Mailman/Gui/General.py:36 msgid "General Options" msgstr "" -#: Mailman/Gui/General.py:48 +#: Mailman/Gui/General.py:50 msgid "Conceal the member's address" msgstr "" -#: Mailman/Gui/General.py:49 +#: Mailman/Gui/General.py:51 msgid "Acknowledge the member's posting" msgstr "" -#: Mailman/Gui/General.py:50 +#: Mailman/Gui/General.py:52 msgid "Do not send a copy of a member's own post" msgstr "" -#: Mailman/Gui/General.py:52 +#: Mailman/Gui/General.py:54 msgid "Filter out duplicate messages to list members (if possible)" msgstr "" -#: Mailman/Gui/General.py:59 +#: Mailman/Gui/General.py:61 msgid "" "Fundamental list characteristics, including descriptive\n" " info and basic behaviors." msgstr "" -#: Mailman/Gui/General.py:62 +#: Mailman/Gui/General.py:64 msgid "General list personality" msgstr "" -#: Mailman/Gui/General.py:65 +#: Mailman/Gui/General.py:67 msgid "The public name of this list (make case-changes only)." msgstr "" -#: Mailman/Gui/General.py:66 +#: Mailman/Gui/General.py:68 msgid "" "The capitalization of this name can be changed to make it\n" " presentable in polite company as a proper noun, or to make an\n" @@ -3822,13 +3822,13 @@ msgid "" " almost everything else :-)" msgstr "" -#: Mailman/Gui/General.py:75 +#: Mailman/Gui/General.py:77 msgid "" "The list administrator email addresses. Multiple\n" " administrator addresses, each on separate line is okay." msgstr "" -#: Mailman/Gui/General.py:78 +#: Mailman/Gui/General.py:80 msgid "" "There are two ownership roles associated with each mailing\n" " list. The <em>list administrators</em> are the people who have\n" @@ -3851,13 +3851,13 @@ msgid "" " are changing here specifies the list administrators." msgstr "" -#: Mailman/Gui/General.py:99 +#: Mailman/Gui/General.py:101 msgid "" "The list moderator email addresses. Multiple\n" " moderator addresses, each on separate line is okay." msgstr "" -#: Mailman/Gui/General.py:102 +#: Mailman/Gui/General.py:104 msgid "" "There are two ownership roles associated with each mailing\n" " list. The <em>list administrators</em> are the people who have\n" @@ -3880,11 +3880,11 @@ msgid "" " specifies the list moderators." msgstr "" -#: Mailman/Gui/General.py:123 +#: Mailman/Gui/General.py:125 msgid "A terse phrase identifying this list." msgstr "" -#: Mailman/Gui/General.py:125 +#: Mailman/Gui/General.py:127 msgid "" "This description is used when the mailing list is listed with\n" " other mailing lists, or in headers, and so forth. It should\n" @@ -3892,7 +3892,7 @@ msgid "" " the list is." msgstr "" -#: Mailman/Gui/General.py:131 +#: Mailman/Gui/General.py:133 msgid "" "An introductory description - a few paragraphs - about the\n" " list. It will be included, as html, at the top of the listinfo\n" @@ -3900,7 +3900,7 @@ msgid "" " for more info." msgstr "" -#: Mailman/Gui/General.py:135 +#: Mailman/Gui/General.py:137 msgid "" "The text will be treated as html <em>except</em> that\n" " newlines will be translated to <br> - so you can use links,\n" @@ -3910,11 +3910,11 @@ msgid "" " display of the entire listinfo page." msgstr "" -#: Mailman/Gui/General.py:143 +#: Mailman/Gui/General.py:145 msgid "Prefix for subject line of list postings." msgstr "" -#: Mailman/Gui/General.py:144 +#: Mailman/Gui/General.py:146 msgid "" "This text will be prepended to subject lines of messages\n" " posted to the list, to distinguish mailing list messages in\n" @@ -3927,17 +3927,17 @@ msgid "" " " msgstr "" -#: Mailman/Gui/General.py:155 +#: Mailman/Gui/General.py:157 msgid "" "Hide the sender of a message, replacing it with the list\n" " address (Removes From, Sender and Reply-To fields)" msgstr "" -#: Mailman/Gui/General.py:158 +#: Mailman/Gui/General.py:160 msgid "<tt>Reply-To:</tt> header munging" msgstr "" -#: Mailman/Gui/General.py:161 +#: Mailman/Gui/General.py:163 msgid "" "Should any existing <tt>Reply-To:</tt> header found in the\n" " original message be stripped? If so, this will be done\n" @@ -3945,26 +3945,26 @@ msgid "" " added by Mailman or not." msgstr "" -#: Mailman/Gui/General.py:167 +#: Mailman/Gui/General.py:169 msgid "Explicit address" msgstr "" -#: Mailman/Gui/General.py:167 +#: Mailman/Gui/General.py:169 msgid "Poster" msgstr "" -#: Mailman/Gui/General.py:167 +#: Mailman/Gui/General.py:169 msgid "This list" msgstr "" -#: Mailman/Gui/General.py:168 +#: Mailman/Gui/General.py:170 msgid "" "Where are replies to list messages directed?\n" " <tt>Poster</tt> is <em>strongly</em> recommended for most mailing\n" " lists." msgstr "" -#: Mailman/Gui/General.py:173 +#: Mailman/Gui/General.py:175 msgid "" "This option controls what Mailman does to the\n" " <tt>Reply-To:</tt> header in messages flowing through this\n" @@ -3998,11 +3998,11 @@ msgid "" " list." msgstr "" -#: Mailman/Gui/General.py:205 +#: Mailman/Gui/General.py:207 msgid "Explicit <tt>Reply-To:</tt> header." msgstr "" -#: Mailman/Gui/General.py:207 +#: Mailman/Gui/General.py:209 msgid "" "This is the address set in the <tt>Reply-To:</tt> header\n" " when the <a\n" @@ -4034,17 +4034,17 @@ msgid "" " <tt>Reply-To:</tt> header, it will not be changed." msgstr "" -#: Mailman/Gui/General.py:236 +#: Mailman/Gui/General.py:238 msgid "Umbrella list settings" msgstr "" -#: Mailman/Gui/General.py:239 +#: Mailman/Gui/General.py:241 msgid "" "Send password reminders to, eg, \"-owner\" address instead of\n" " directly to user." msgstr "" -#: Mailman/Gui/General.py:242 +#: Mailman/Gui/General.py:244 msgid "" "Set this to yes when this list is intended to cascade only\n" " to other mailing lists. When set, meta notices like\n" @@ -4054,14 +4054,14 @@ msgid "" " account name." msgstr "" -#: Mailman/Gui/General.py:250 +#: Mailman/Gui/General.py:252 msgid "" "Suffix for use when this list is an umbrella for other\n" " lists, according to setting of previous \"umbrella_list\"\n" " setting." msgstr "" -#: Mailman/Gui/General.py:254 +#: Mailman/Gui/General.py:256 msgid "" "When \"umbrella_list\" is set to indicate that this list has\n" " other mailing lists as members, then administrative notices like\n" @@ -4073,24 +4073,24 @@ msgid "" " is \"No\"." msgstr "" -#: Mailman/Gui/General.py:266 +#: Mailman/Gui/General.py:268 msgid "Send monthly password reminders?" msgstr "" -#: Mailman/Gui/General.py:268 +#: Mailman/Gui/General.py:270 msgid "" "Turn this on if you want password reminders to be sent once\n" " per month to your members. Note that members may disable their\n" " own individual password reminders." msgstr "" -#: Mailman/Gui/General.py:273 +#: Mailman/Gui/General.py:275 msgid "" "List-specific text prepended to new-subscriber welcome\n" " message" msgstr "" -#: Mailman/Gui/General.py:276 +#: Mailman/Gui/General.py:278 msgid "" "This value, if any, will be added to the front of the\n" " new-subscriber welcome message. The rest of the welcome message\n" @@ -4109,11 +4109,11 @@ msgid "" " </ul>" msgstr "" -#: Mailman/Gui/General.py:293 +#: Mailman/Gui/General.py:295 msgid "Send welcome message to newly subscribed members?" msgstr "" -#: Mailman/Gui/General.py:294 +#: Mailman/Gui/General.py:296 msgid "" "Turn this off only if you plan on subscribing people manually\n" " and don't want them to know that you did so. This option is most\n" @@ -4121,23 +4121,23 @@ msgid "" " list manager to Mailman." msgstr "" -#: Mailman/Gui/General.py:300 +#: Mailman/Gui/General.py:302 msgid "" "Text sent to people leaving the list. If empty, no special\n" " text will be added to the unsubscribe message." msgstr "" -#: Mailman/Gui/General.py:304 +#: Mailman/Gui/General.py:306 msgid "Send goodbye message to members when they are unsubscribed?" msgstr "" -#: Mailman/Gui/General.py:307 +#: Mailman/Gui/General.py:309 msgid "" "Should the list moderators get immediate notice of new\n" " requests, as well as daily notices about collected ones?" msgstr "" -#: Mailman/Gui/General.py:310 +#: Mailman/Gui/General.py:312 msgid "" "List moderators (and list administrators) are sent daily\n" " reminders of requests pending approval, like subscriptions to a\n" @@ -4146,25 +4146,25 @@ msgid "" " immediately on the arrival of new requests as well." msgstr "" -#: Mailman/Gui/General.py:317 +#: Mailman/Gui/General.py:319 msgid "" "Should administrator get notices of subscribes and\n" " unsubscribes?" msgstr "" -#: Mailman/Gui/General.py:322 +#: Mailman/Gui/General.py:324 msgid "Send mail to poster when their posting is held for approval?" msgstr "" -#: Mailman/Gui/General.py:325 +#: Mailman/Gui/General.py:327 msgid "Additional settings" msgstr "" -#: Mailman/Gui/General.py:328 +#: Mailman/Gui/General.py:330 msgid "Emergency moderation of all list traffic." msgstr "" -#: Mailman/Gui/General.py:329 +#: Mailman/Gui/General.py:331 msgid "" "When this option is enabled, all list traffic is emergency\n" " moderated, i.e. held for moderation. Turn this option on when\n" @@ -4172,25 +4172,25 @@ msgid "" " period." msgstr "" -#: Mailman/Gui/General.py:341 +#: Mailman/Gui/General.py:343 msgid "" "Default options for new members joining this list.<input\n" " type=\"hidden\" name=\"new_member_options\" value=\"ignore\">" msgstr "" -#: Mailman/Gui/General.py:344 +#: Mailman/Gui/General.py:346 msgid "" "When a new member is subscribed to this list, their initial\n" " set of options is taken from the this variable's setting." msgstr "" -#: Mailman/Gui/General.py:348 +#: Mailman/Gui/General.py:350 msgid "" "(Administrivia filter) Check postings and intercept ones\n" " that seem to be administrative requests?" msgstr "" -#: Mailman/Gui/General.py:351 +#: Mailman/Gui/General.py:353 msgid "" "Administrivia tests will check postings to see whether it's\n" " really meant as an administrative request (like subscribe,\n" @@ -4199,17 +4199,23 @@ msgid "" " in the process." msgstr "" -#: Mailman/Gui/General.py:358 +#: Mailman/Gui/General.py:360 msgid "" "Maximum length in kilobytes (KB) of a message body. Use 0\n" " for no limit." msgstr "" -#: Mailman/Gui/General.py:362 +#: Mailman/Gui/General.py:364 +msgid "" +"Maximum number of members to show on one page of the\n" +" Membership List." +msgstr "" + +#: Mailman/Gui/General.py:368 msgid "Host name this list prefers for email." msgstr "" -#: Mailman/Gui/General.py:364 +#: Mailman/Gui/General.py:370 msgid "" "The \"host_name\" is the preferred name for email to\n" " mailman-related addresses on this host, and generally should be\n" @@ -4218,7 +4224,7 @@ msgid "" " multiple addresses." msgstr "" -#: Mailman/Gui/General.py:376 +#: Mailman/Gui/General.py:382 msgid "" "Should messages from this mailing list include the\n" " <a href=\"http://www.faqs.org/rfcs/rfc2369.html\">RFC 2369</a>\n" @@ -4226,7 +4232,7 @@ msgid "" " recommended." msgstr "" -#: Mailman/Gui/General.py:381 +#: Mailman/Gui/General.py:387 msgid "" "RFC 2369 defines a set of List-* headers that are\n" " normally added to every message sent to the list membership.\n" @@ -4243,11 +4249,11 @@ msgid "" " these headers may eventually go away)." msgstr "" -#: Mailman/Gui/General.py:399 +#: Mailman/Gui/General.py:405 msgid "Should postings include the <tt>List-Post:</tt> header?" msgstr "" -#: Mailman/Gui/General.py:400 +#: Mailman/Gui/General.py:406 msgid "" "The <tt>List-Post:</tt> header is one of the headers\n" " recommended by\n" @@ -4261,20 +4267,20 @@ msgid "" " headers.)" msgstr "" -#: Mailman/Gui/General.py:415 +#: Mailman/Gui/General.py:421 msgid "" "Discard held messages older than this number of days.\n" " Use 0 for no automatic discarding." msgstr "" -#: Mailman/Gui/General.py:425 +#: Mailman/Gui/General.py:431 msgid "" "<b>real_name</b> attribute not\n" " changed! It must differ from the list's name by case\n" " only." msgstr "" -#: Mailman/Gui/General.py:442 +#: Mailman/Gui/General.py:448 msgid "" "The <b>info</b> attribute you saved\n" "contains suspicious HTML that could potentially expose your users to cross-site\n" @@ -4287,6 +4293,12 @@ msgstr "" #: Mailman/Gui/General.py:459 msgid "" +"<b>admin_member_chunksize</b> attribute not\n" +" changed! It must be an integer > 0." +msgstr "" + +#: Mailman/Gui/General.py:469 +msgid "" "You cannot add a Reply-To: to an explicit\n" " address if that address is blank. Resetting these values." msgstr "" |