aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Fix NameError and case sensitivity in CSRF check.Mark Sapiro2021-12-132-2/+9
|
* Bumped branch version to: 2.1.38Mark Sapiro2021-11-301-2/+2
|
* Block CSRF attack against admin or admindb pages.Mark Sapiro2021-11-305-6/+27
|
* Prior commit was incomplete.Mark Sapiro2021-11-231-4/+5
|
* Avoid NotAMemberError in CSRF check from user options page.Mark Sapiro2021-11-212-11/+18
|
* Bumped branch version to: 2.1.37Mark Sapiro2021-11-121-2/+2
|
* Fix admindb for list with no mod password.Mark Sapiro2021-11-123-2/+9
|
* Bumped branch version to: 2.1.36Mark Sapiro2021-11-112-7/+7
|
* Use moderator rather than admin for admindb CSRF token.Mark Sapiro2021-11-031-2/+1
|
* Fix a potentail XSS attack via the user options page.Mark Sapiro2021-11-032-0/+14
|
* Bumped branch version to: 2.1.35Mark Sapiro2021-10-191-2/+2
|
* Fixes for CVEs 2021-42096 and 2021-42097.Mark Sapiro2021-10-184-17/+43
|
* Updates to Japanese docs.Mark Sapiro2021-10-142-11/+16
|\
| * Update Japanese translation of Defaults.py.in for rev 1871Yasuhito FUTATSUKI at POEM2021-10-151-3/+8
| |
| * sync merge lp:mailman/2.1 up to 1871Yasuhito FUTATSUKI at POEM2021-10-1510-7/+83
| |\ | |/ |/|
* | Improve doc for VERP_PASSWORD_REMINDERS.Mark Sapiro2021-10-011-1/+4
| |
* | DMARC policy ignores domains with multiple DMARC records.Mark Sapiro2021-06-062-1/+5
| |
* | Translate 'disabled' when used.Mark Sapiro2021-04-072-1/+6
| |
* | Improve fix for lp:1921682.Mark Sapiro2021-03-311-2/+4
| |
* | Decode message bodies for replies in CommandRunner.Mark Sapiro2021-03-302-0/+7
| |
* | Fix bug in prior commit.Mark Sapiro2021-03-061-2/+2
| |
* | Thghten conditions for scrubbing text/plain.Mark Sapiro2021-03-052-1/+10
| |
* | Fix missing Subject: in some Wrap Message wrappers.Mark Sapiro2021-02-142-2/+15
| |
* | Added recognition for a non-compliant DSN from an unknown MTA.Mark Sapiro2020-12-183-0/+33
| |
| * Remove information for mailman-users-jp forum because already closedYasuhito FUTATSUKI at POEM2020-11-061-7/+1
| |
| * sync merge lp:mailman/2.1 up to r1862Yasuhito FUTATSUKI at POEM2020-11-064-7/+10
| |\ | |/ |/|
* | Added onhashchange to the HTML _badwords list.Mark Sapiro2020-10-221-0/+1
| |
* | Update configure to indicate dnspython<2.0 is required.Mark Sapiro2020-09-132-6/+8
| |
* | Added CVE and bug references to old NEWS item.Mark Sapiro2020-07-021-1/+1
| |
| * Update Japanese translation for the change of Defaults.py.in on rev 1854Yasuhito FUTATSUKI at POEM2020-07-011-2/+7
| |
| * sync merge lp:mailman/2.1 up to 1859 (2.1.34 release)Yasuhito FUTATSUKI at POEM2020-07-0145-1847/+1861
| |\ | |/ |/|
* | Bumped branch version to: 2.1.34Mark Sapiro2020-06-261-2/+2
| |
* | Prepare for 2.1.34 release.Mark Sapiro2020-06-261-1/+1
| |
* | I18n updates - just line number references.Mark Sapiro2020-06-2640-1840/+1840
| |
* | Added a couple of CVE references.Mark Sapiro2020-06-261-3/+4
| |
* | Truncate very long names for scrubbed attachments.Mark Sapiro2020-06-212-1/+5
| |
* | Implement WARN_MEMBER_OF_SUBSCRIBE subscribe setting.Mark Sapiro2020-06-103-0/+9
| |
| * Update Japanese translation of Defaults.py.in for rev1851 changeYasuhito FUTATSUKI2020-06-011-3/+4
| |
| * sync with lp:mailman/2.1 (just same)Yasuhito FUTATSUKI2020-06-0153-7980/+8219
| |\ | |/ |/|
* | Updates to Spanish i18n and mailman.pot.Mark Sapiro2020-05-2841-3779/+3827
| |
* | DMARC mitigation no longer misses upper case names.Mark Sapiro2020-05-282-2/+7
| |
* | Extend REFUSE_SECOND_PENDING to unsubscription as well.Mark Sapiro2020-05-185-9/+23
| |
* | Fix potential ValueError in MailList.CheckPending.Mark Sapiro2020-05-132-5/+11
| |
* | Bumped branch version to: 2.1.33Mark Sapiro2020-05-071-2/+2
| |
* | Fixed content injection vulnerability via the private login page.Mark Sapiro2020-05-0742-127/+130
| |
* | Bumped branch version to: 2.1.32Mark Sapiro2020-05-051-2/+2
| |
* | i18n changes for prior release.Mark Sapiro2020-05-0541-2150/+2184
| |
* | Bumped branch version to: 2.1.31Mark Sapiro2020-05-051-2/+2
| |
* | Fixed options login content injection vulnerability.Mark Sapiro2020-05-052-2/+7
| |
* | Workaround non-ascii in string.lowercase.Mark Sapiro2020-04-252-0/+7
| |