diff options
| author | Mark Sapiro <mark@msapiro.net> | 2014-06-06 13:27:44 -0700 |
|---|---|---|
| committer | Mark Sapiro <mark@msapiro.net> | 2014-06-06 13:27:44 -0700 |
| commit | 4935b951b3e1a6aae107c7d04830c0ffc63aaf52 (patch) | |
| tree | b05fb27e4e9ecfd3b04eb6aed5fc5270d9329d32 /NEWS | |
| parent | 1bbdb3ac38c2ee6f3704694c49069d7d4e383ae3 (diff) | |
| download | mailman2-4935b951b3e1a6aae107c7d04830c0ffc63aaf52.tar.gz mailman2-4935b951b3e1a6aae107c7d04830c0ffc63aaf52.tar.xz mailman2-4935b951b3e1a6aae107c7d04830c0ffc63aaf52.zip | |
Mailman's log files, request.pck files and heldmsg-* files are no
longer created world readable to protect against access by untrusted
local users.
Diffstat (limited to '')
| -rwxr-xr-x | NEWS | 13 |
1 files changed, 11 insertions, 2 deletions
@@ -7,11 +7,20 @@ Here is a history of user visible changes to Mailman. 2.1.19 (xx-xxx-xxxx) + Changed behavior + + - Mailman's log files, request.pck files and heldmsg-* files are no + longer created world readable to protect against access by untrusted + local users. Note that permissions on existing log files won't be + changed so if you are concerned about this and don't rotate logs or + have a logrotate process that creates new log files instead of letting + Mailman create them, you will need to address that. (LP: #1327404) + + Bug fixes and other patches + - If checking DNS for dmarc_moderation_action and DNS lookup is not available, log it. (LP: #1324541) - Bug fixes and other patches - - Handle missing From: header addresses for DMARC mitigation actions. (LP: #1318025) |