diff options
| author | Yasuhito FUTATSUKI at POEM <futatuki@poem.co.jp> | 2018-07-03 11:48:26 +0900 |
|---|---|---|
| committer | Yasuhito FUTATSUKI at POEM <futatuki@poem.co.jp> | 2018-07-03 11:48:26 +0900 |
| commit | e746421c63219796486f356ace983b752a4766f9 (patch) | |
| tree | 01f9cb13e53faf86781a3f9a82c97ececbf04f45 /NEWS | |
| parent | a241c33c76d99ca7c765e46b43c9cb373263077b (diff) | |
| parent | 4e500d36c3fb89ad25a01e21b3ddf8bf21391abe (diff) | |
| download | mailman2-e746421c63219796486f356ace983b752a4766f9.tar.gz mailman2-e746421c63219796486f356ace983b752a4766f9.tar.xz mailman2-e746421c63219796486f356ace983b752a4766f9.zip | |
merge lp:mailman/2.1 up to rev 1787
Diffstat (limited to '')
| -rw-r--r-- | NEWS | 11 |
1 files changed, 9 insertions, 2 deletions
@@ -5,16 +5,23 @@ Copyright (C) 1998-2018 by the Free Software Foundation, Inc. Here is a history of user visible changes to Mailman. +2.1.28 (xx-xxx-xxxx) + + Bug fixes and other patches + + - The BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE feature added in 2.1.27 was + not working. This is fixed. (LP: #1779774) + 2.1.27 (22-Jun-2018) Security - Existing protections against malicious listowners injecting evil scripts into listinfo pages have had a few more checks added. - JVN#00846677/JPCERT#97432283 + JVN#00846677/JPCERT#97432283/CVE-2018-0618 - A few more error messages have had their values HTML escaped. - JVN#00846677/JPCERT#97432283 + JVN#00846677/JPCERT#97432283/CVE-2018-0618 - The hash generated when SUBSCRIBE_FORM_SECRET is set could have been the same as one generated at the same time for a different list and |