mailman2 - mirror of https://code.launchpad.net/~mailman-coders/mailman/2.1

	Commit message (Collapse)	Author	Files	Lines
2015-12-06	Submitting the user options form for a user who was asynchronously	Mark Sapiro	1	-0/+8
	unsubscribed would throw an uncaught NotAMemberError.
2015-09-16	Defended against a user submitting URLs with query fragments or POST	Mark Sapiro	1	-0/+8
	data containing multiple occurrences of the same variable.
2015-07-20	Don't show digest options on user's options page for non-digestable lists.	Mark Sapiro	1	-2/+8

2015-06-23	Support for HTTP_X_FORWARDED_FOR and HTTP_FORWARDED_FOR (RFC 7239)	Jim Popovitch	3	-9/+18

2015-04-23	If SUBSCRIBE_FORM_SECRET is enabled and a user's network has a load	Mark Sapiro	2	-12/+35
	balancer or similar in use the POSTing IP might not exactly match the GETting IP. This is now accounted for by not requiring the last octet (16 bits for ipV6) to match.
2015-04-13	Improved search in admin UI Membership List.	Mark Sapiro	1	-1/+10

2015-03-09	Implemented member address change via the admin GUI.	Mark Sapiro	1	-1/+109
	Updated mailman.pot and mailman.po files with the new strings.
2015-02-03	Bumped copyright year for prior change.	Mark Sapiro	1	-1/+1

2015-01-30	The admindb interface has been fixed so the the detail message body	Mark Sapiro	1	-8/+6
	display doesn't lose part of a multi-byte character, and characters which are invalid in the message's charset are replaced rather than the whole body not being converted to the display charset.
2015-01-22	A number of changes from the unofficial 2.2 branch have been backported to	Mark Sapiro	2	-18/+21
	the 2.1 branch for release with 2.1.19. The 2.2 branch is now no different from the 2.1 branch and will no longer be maintained.
2014-12-20	Implement a new DEFAULT_SUBSCRIBE_OR_INVITE setting to control the default	Mark Sapiro	1	-1/+2
	for the admin Mass Subscriptions page.
2014-11-07	Catch the NotAMemberError exception thrown if an authenticated	Mark Sapiro	1	-0/+7
	unsubscribe is submitted from the user options page for a nonmember.
2014-09-21	The options CGI now rejects all but HTTP GET and POST requests.	Mark Sapiro	1	-0/+12

2014-06-09	<label> tags have been added around most check boxes and radio buttons	Mark Sapiro	1	-10/+29
	and their text labels in the admin and admindb web GUI so they can be (de)selected by clicking the text. (LP: #266391)
2014-05-02	Removed HTML tags from the title of a couple of rmlist.py pages because	Mark Sapiro	1	-2/+2
	browsers don't render tags in the title. (LP: #265848)
2014-04-15	Fixed the admin Membership List so a search string if any is not lost	Mark Sapiro	1	-1/+2
	when visiting subsequent fragments of a chunked list.
2014-03-21	- Added the list name to the vette log "held message approved" entry.	Mark Sapiro	10	-20/+20
	(LP: 1295875) - Added the CGI module name to various "No such list" error log entries. (LP: 1295875) - Modified contrib/mmdsr to report module name if present in "No such list error log entries.
2014-02-07	Changed the message from the confirm CGI to not indicate approval is	Mark Sapiro	1	-2/+3
	required for an acceptance of an invitation.
2013-07-19	Enable setting a default grouping/sorting for the admindb held message	Mark Sapiro	1	-4/+7
	summary via a DISPLAY_HELD_SUMMARY_SORT_BUTTONS setting.
2013-07-18	Backported the held message sorting to 2.1 and made it optional.	Mark Sapiro	1	-18/+51

2013-06-07	- It is no longer possible to add 'invalid' addresses to the ban_list	Mark Sapiro	1	-15/+39
	and the *_these_nonmembers filters from the check boxes on the admindb interface. (LP: #1187201)
2013-04-03	The pending (un)subscriptions waiting approval are now sorted by email	Mark Sapiro	1	-5/+5
	address in the admindb interface as intended. (LP: 1164160)
2012-12-14	Added a minimum delay between retrieval and submission of the subscribe form.	Mark Sapiro	1	-0/+4

2012-11-24	Implement SUBSCRIBE_FORM_SECRET to mitigate bot subscribes. (LP: 1082746)	Mark Sapiro	2	-2/+34

2012-10-30	Added 'legend' to the list of CSRF safe parameters for the admin CGI.	Mark Sapiro	1	-1/+2

2012-08-22	The query fragments send_unsub_notifications_to_list_owner and	Mark Sapiro	1	-9/+7
	send_unsub_ack_to_this_batch will now assume default values if not set in mass unsubscribe URLs. (LP: #1032378)
2012-06-20	Fixed a typo in the UPGRADING doc - bin/upgrade -> bin/update.	Mark Sapiro	1	-0/+0

2012-03-25	Backported the password reminder from private archive login feature from the	Mark Sapiro	1	-1/+22
	2.2 branch.
2012-02-23	Added a few more safe_params to the CSRF check.	Mark Sapiro	1	-1/+2

2012-02-05	Added Tokio Kikuchi's Cross-site Request Forgery hardening to the admin UI.	Mark Sapiro	1	-6/+26

2011-12-31	Fix for bug #629738 could cause a crash in the admindb details display	Mark Sapiro	1	-1/+3
	if the decoded message body contained characters not in the character set of the list's preferred language. Fixed. Bug #910440.
2011-11-12	Added masthead.txt to the list of templates that can be edited via the	Mark Sapiro	1	-1/+2
	web admin interface. Bug #266805.
2011-06-07	The user options 'list my other subscriptions' page now indicates for	Mark Sapiro	1	-0/+6
	each list if the subscription is 'nomail' or 'digest'. Bug #793669.
2011-05-10	Fixed a problem in admindb.py where the character set for the display of	Mark Sapiro	1	-1/+8
	the message body excerpt was not correctly determined. Bug #779751.
2011-05-09	Prevented setting user passwords with leading/trailing whitespace. Bug #778088.	Mark Sapiro	3	-10/+10

2011-04-25	A new list poster password has been implemented. This password may only	Mark Sapiro	1	-0/+27
	be used in Approved: or X-Approved: headers for pre-approving posts. Using this password for that purpose precludes compromise of a more valuable password sent in plain text email. Bug #770581.
2011-04-23	Added a logout link to the admindb interface and made both admin and	Mark Sapiro	2	-3/+27
	admindb logout effective for a site admin cookie if allowed. Bug #769318.
2011-04-15	Refactor last change for i18n.	Mark Sapiro	1	-5/+7

2011-04-14	Added a report of the affected members to the warnings issued when	Mark Sapiro	1	-3/+5
	setting a list with digest members digestable=No and when setting a list with non-digest members nondigestable=no. Bug #761232.
2011-03-29	Changed the subscribe CGI to strip leading and trailing whitespace from	Mark Sapiro	1	-2/+2
	the supplied email address. Bug #745432.
2011-02-18	An XSS vulnerability, CVE-2011-0707, has been fixed.	Mark Sapiro	1	-3/+3

2011-02-07	- Fixed an uncaught KeyError when poster tries to cancel a post which was	Mark Sapiro	1	-2/+3
	already handled. Bug #266224.
2011-02-05	Updated copyright year for previous change.	Mark Sapiro	1	-1/+1

2011-02-05	Issue an HTTP 404 status for private archive file not found.	Mark Sapiro	1	-0/+1

2010-09-10	Made minor wording improvements and typo corrections in some messages.	Mark Sapiro	2	-5/+5
	Bug #426979.
2010-09-09	Two potential XSS vulnerabilities have been identified and fixed.	Mark Sapiro	1	-2/+2

2010-09-03	Fixed admindb interface to decode base64 and quoted-printable encoded	Mark Sapiro	1	-1/+1
	message body excerpts for display. Bug #629738.
2010-07-27	Changed the member options login page unsubscribe request to include the	Mark Sapiro	1	-1/+2
	requesters IP address in the confirmation request. Bug #610527.
2010-07-02	Increased the font size of 'Welcome!'on admin overview for consistency with ↵	Mark Sapiro	1	-1/+1
	listinfo.
2010-06-25	Fixed an issue in admindb that could result in a KeyError and "we hit a	Mark Sapiro	1	-6/+10
	bug" response when a moderator acts on a post that had been handled by someone else after the first moderator had retrieved it. Bug #598671.