index
:
mailman2
master
upstream/2.1
mirror of https://code.launchpad.net/~mailman-coders/mailman/2.1
git
about
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
Mailman
/
Cgi
(
unfollow
)
Commit message (
Expand
)
Author
Files
Lines
2021-11-30
Block CSRF attack against admin or admindb pages.
Mark Sapiro
3
-3
/
+6
2021-11-23
Prior commit was incomplete.
Mark Sapiro
1
-4
/
+5
2021-11-21
Avoid NotAMemberError in CSRF check from user options page.
Mark Sapiro
1
-11
/
+11
2021-11-12
Fix admindb for list with no mod password.
Mark Sapiro
1
-1
/
+2
2021-11-03
Use moderator rather than admin for admindb CSRF token.
Mark Sapiro
1
-2
/
+1
2021-11-03
Fix a potentail XSS attack via the user options page.
Mark Sapiro
1
-0
/
+2
2021-10-18
Fixes for CVEs 2021-42096 and 2021-42097.
Mark Sapiro
1
-13
/
+12
2020-06-10
Implement WARN_MEMBER_OF_SUBSCRIBE subscribe setting.
Mark Sapiro
1
-0
/
+1
2020-05-18
Extend REFUSE_SECOND_PENDING to unsubscription as well.
Mark Sapiro
1
-0
/
+3
2020-05-07
Fixed content injection vulnerability via the private login page.
Mark Sapiro
1
-7
/
+3
2020-05-05
Fixed options login content injection vulnerability.
Mark Sapiro
1
-1
/
+1
2020-01-09
Implement REFUSE_SECOND_PENDING setting to prevent multiple pending subscribes.
Mark Sapiro
1
-0
/
+3
2019-10-05
Changed new 'Successfully unsubscribed:' to existing
Mark Sapiro
1
-1
/
+1
2019-09-17
Implemented web admin sync members.
Mark Sapiro
1
-2
/
+109
2019-06-10
Don't enable CAPTCHA if 'en' key is not set
Ralf Jung
1
-1
/
+1
2019-06-10
fix computing the form hash when there is no CAPTCHA
Ralf Jung
1
-1
/
+1
2019-06-10
implement a simple CAPTCHA scheme based on questions and answers configured b...
Ralf Jung
2
-4
/
+25
2019-03-06
Strip leading/trailing spaces from login email for private and options login.
Mark Sapiro
2
-3
/
+4
2018-12-30
Corrected and augmented some security log messages.
Mark Sapiro
4
-3
/
+17
2018-08-07
Catch TypeError on simultaneous confirmations of the same token.
Mark Sapiro
1
-5
/
+19
2018-07-15
fix python doc urls
Yasuhito FUTATSUKI at POEM
1
-1
/
+1
2018-07-09
Add language selecter to "HTML Page Editing" page for multi-lang lists
Yasuhito FUTATSUKI at POEM
1
-7
/
+34
2018-06-22
* apply Utils.websafe() to description string in admin.py
Yasuhito FUTATSUKI at POEM
1
-1
/
+1
2018-06-22
enhance i18n of listinfo overview
Yasuhito FUTATSUKI at POEM
2
-2
/
+2
2018-06-18
Added global _ where needed.
Mark Sapiro
2
-0
/
+2
2018-06-17
Bump copyright dates.
Mark Sapiro
12
-11
/
+11
2018-06-16
enhance i18n in admin(un)?subscribeack messages
Yasuhito FUTATSUKI at POEM
2
-4
/
+7
2018-06-10
Changes based on feedback from Mark.
Jim Popovitch
2
-5
/
+8
2018-06-06
Improved logging of security related events
Jim Popovitch
5
-0
/
+25
2018-06-03
Separate data in CSRF token by colon to avoid collisions.
Ralf Jung
2
-6
/
+6
2018-05-26
Internationalize the noscript note added to reCAPTCHA.
Mark Sapiro
1
-2
/
+3
2018-05-05
Add <noscript> note to listinfo reCAPTCHA that JavaScript is required.
Mark Sapiro
1
-0
/
+1
2018-03-01
Removed a Python 2.7 dependency introduced in 2.1.26.
Mark Sapiro
1
-1
/
+1
2018-02-04
Fix XSS and info leak in options CGI - CVE-2018-5950
Mark Sapiro
1
-15
/
+17
2018-02-03
It's not necessary to replace _ with - in language codes for reCAPTCHA.
Mark Sapiro
1
-3
/
+1
2018-01-30
Corrected i18n from rev. 1738 and updated message catalogs.
Mark Sapiro
1
-3
/
+5
2018-01-30
Update Japanese translation (with msgid fix)
Yasuhito FUTATSUKI at POEM
1
-3
/
+3
2018-01-29
Allow the list subscription form to be protected from spam bots using
David Siebörger
2
-0
/
+32
2017-06-24
Added screen reader labels to some admindb radio buttons.
Mark Sapiro
1
-15
/
+10
2017-06-21
Added text for screen readers only to checkboxes on admin Membership List.
Mark Sapiro
1
-7
/
+16
2017-06-09
Display date of held subscriptions and keep newest.
Mark Sapiro
1
-6
/
+11
2017-06-07
Reverted another getfirst in the multi-value CGI defence.
Mark Sapiro
1
-1
/
+1
2017-06-05
Bumped Copyrights and fixed a bug in prior commit.
Mark Sapiro
10
-12
/
+12
2017-06-05
Defend against CGI requests with multiple values for the same parameter.
Mark Sapiro
11
-105
/
+105
2017-06-04
Fixed a regression in Cgi/options.py.
Mark Sapiro
1
-12
/
+12
2017-04-25
Change 'subscribees' to 'subscribers' on admin mass subscribe page.
Mark Sapiro
1
-1
/
+1
2017-02-22
Fixed an uncaught TypeError in the subscribe CGI.
Mark Sapiro
1
-1
/
+1
2017-02-03
Fixed a TypeError thrown in the roster CGI when called with a listname
Mark Sapiro
1
-3
/
+3
2016-10-27
Fixed incorrect "view more members" links at the bottom of the admin
Mark Sapiro
1
-4
/
+5
2016-10-11
Further changes to keep domains aligned with virtual list notification emails
Jim Popovitch
1
-3
/
+2
[next]