Defended against a user submitting URLs with query fragments or POST

data containing multiple occurrences of the same variable.
author: Mark Sapiro <mark@msapiro.net> 2015-09-16 17:39:34 -0700
committer: Mark Sapiro <mark@msapiro.net> 2015-09-16 17:39:34 -0700
commit: 6f9679030c1c2037a6a12555dbfe02445b012646 (patch)
tree: dabd063667c028f75afc52d8d9579975fc93ca30 /NEWS
parent: 8fe23fa982192c2e1236ee86eb6cad612ace504c (diff)
download: mailman2-6f9679030c1c2037a6a12555dbfe02445b012646.tar.gz
mailman2-6f9679030c1c2037a6a12555dbfe02445b012646.tar.xz
mailman2-6f9679030c1c2037a6a12555dbfe02445b012646.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index e01d76df..193e3fec 100755
--- a/NEWS
+++ b/NEWS
@@ -20,6 +20,10 @@ Here is a history of user visible changes to Mailman.
 
   Bug fixes and other patches
 
+    - Defended against a user submitting URLs with query fragments or POST
+      data containing multiple occurrences of the same variable.
+      (LP: #1496632)
+
     - Fixed bin/mailmanctl to check its effective rather than real uid.
       (LP: #1491187)
author	Mark Sapiro <mark@msapiro.net>	2015-09-16 17:39:34 -0700
committer	Mark Sapiro <mark@msapiro.net>	2015-09-16 17:39:34 -0700
commit	6f9679030c1c2037a6a12555dbfe02445b012646 (patch)
tree	dabd063667c028f75afc52d8d9579975fc93ca30 /NEWS
parent	8fe23fa982192c2e1236ee86eb6cad612ace504c (diff)
download	mailman2-6f9679030c1c2037a6a12555dbfe02445b012646.tar.gz mailman2-6f9679030c1c2037a6a12555dbfe02445b012646.tar.xz mailman2-6f9679030c1c2037a6a12555dbfe02445b012646.zip