index
:
mailman2
master
upstream/2.1
mirror of https://code.launchpad.net/~mailman-coders/mailman/2.1
git
about
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
Mailman
/
Cgi
(
follow
)
Commit message (
Expand
)
Author
Age
Files
Lines
*
Defended against a user submitting URLs with query fragments or POST
Mark Sapiro
2015-09-16
1
-0
/
+8
*
Don't show digest options on user's options page for non-digestable lists.
Mark Sapiro
2015-07-20
1
-2
/
+8
*
Improved identification of remote clients coming via a proxy server.
Mark Sapiro
2015-06-23
3
-9
/
+18
|
\
|
*
Support for HTTP_X_FORWARDED_FOR and HTTP_FORWARDED_FOR (RFC 7239)
Jim Popovitch
2015-06-23
3
-9
/
+18
|
/
*
If SUBSCRIBE_FORM_SECRET is enabled and a user's network has a load
Mark Sapiro
2015-04-23
2
-12
/
+35
*
Improved search in admin UI Membership List.
Mark Sapiro
2015-04-13
1
-1
/
+10
*
Implemented member address change via the admin GUI.
Mark Sapiro
2015-03-09
1
-1
/
+109
*
Bumped copyright year for prior change.
Mark Sapiro
2015-02-03
1
-1
/
+1
*
The admindb interface has been fixed so the the detail message body
Mark Sapiro
2015-01-30
1
-8
/
+6
*
A number of changes from the unofficial 2.2 branch have been backported to
Mark Sapiro
2015-01-22
2
-18
/
+21
*
Implement a new DEFAULT_SUBSCRIBE_OR_INVITE setting to control the default
Mark Sapiro
2014-12-20
1
-1
/
+2
*
Catch the NotAMemberError exception thrown if an authenticated
Mark Sapiro
2014-11-07
1
-0
/
+7
*
The options CGI now rejects all but HTTP GET and POST requests.
Mark Sapiro
2014-09-21
1
-0
/
+12
*
<label> tags have been added around most check boxes and radio buttons
Mark Sapiro
2014-06-09
1
-10
/
+29
*
Removed HTML tags from the title of a couple of rmlist.py pages because
Mark Sapiro
2014-05-02
1
-2
/
+2
*
Fixed the admin Membership List so a search string if any is not lost
Mark Sapiro
2014-04-15
1
-1
/
+2
*
- Added the list name to the vette log "held message approved" entry.
Mark Sapiro
2014-03-21
10
-20
/
+20
*
Changed the message from the confirm CGI to not indicate approval is
Mark Sapiro
2014-02-07
1
-2
/
+3
*
Enable setting a default grouping/sorting for the admindb held message
Mark Sapiro
2013-07-19
1
-4
/
+7
*
Backported the held message sorting to 2.1 and made it optional.
Mark Sapiro
2013-07-18
1
-18
/
+51
*
- It is no longer possible to add 'invalid' addresses to the ban_list
Mark Sapiro
2013-06-07
1
-15
/
+39
*
The pending (un)subscriptions waiting approval are now sorted by email
Mark Sapiro
2013-04-03
1
-5
/
+5
*
Added a minimum delay between retrieval and submission of the subscribe form.
Mark Sapiro
2012-12-14
1
-0
/
+4
*
Implement SUBSCRIBE_FORM_SECRET to mitigate bot subscribes. (LP: 1082746)
Mark Sapiro
2012-11-24
2
-2
/
+34
*
Added 'legend' to the list of CSRF safe parameters for the admin CGI.
Mark Sapiro
2012-10-30
1
-1
/
+2
*
The query fragments send_unsub_notifications_to_list_owner and
Mark Sapiro
2012-08-22
1
-9
/
+7
*
Fixed a typo in the UPGRADING doc - bin/upgrade -> bin/update.
Mark Sapiro
2012-06-20
1
-0
/
+0
*
Backported the password reminder from private archive login feature from the
Mark Sapiro
2012-03-25
1
-1
/
+22
*
Added a few more safe_params to the CSRF check.
Mark Sapiro
2012-02-23
1
-1
/
+2
*
Added Tokio Kikuchi's Cross-site Request Forgery hardening to the admin UI.
Mark Sapiro
2012-02-05
1
-6
/
+26
*
Fix for bug #629738 could cause a crash in the admindb details display
Mark Sapiro
2011-12-31
1
-1
/
+3
*
Added masthead.txt to the list of templates that can be edited via the
Mark Sapiro
2011-11-12
1
-1
/
+2
*
The user options 'list my other subscriptions' page now indicates for
Mark Sapiro
2011-06-07
1
-0
/
+6
*
Fixed a problem in admindb.py where the character set for the display of
Mark Sapiro
2011-05-10
1
-1
/
+8
*
Prevented setting user passwords with leading/trailing whitespace. Bug #778088.
Mark Sapiro
2011-05-09
3
-10
/
+10
*
A new list poster password has been implemented. This password may only
Mark Sapiro
2011-04-25
1
-0
/
+27
*
Added a logout link to the admindb interface and made both admin and
Mark Sapiro
2011-04-23
2
-3
/
+27
*
Refactor last change for i18n.
Mark Sapiro
2011-04-15
1
-5
/
+7
*
Added a report of the affected members to the warnings issued when
Mark Sapiro
2011-04-14
1
-3
/
+5
*
Changed the subscribe CGI to strip leading and trailing whitespace from
Mark Sapiro
2011-03-29
1
-2
/
+2
*
An XSS vulnerability, CVE-2011-0707, has been fixed.
Mark Sapiro
2011-02-18
1
-3
/
+3
*
- Fixed an uncaught KeyError when poster tries to cancel a post which was
Mark Sapiro
2011-02-07
1
-2
/
+3
*
Updated copyright year for previous change.
Mark Sapiro
2011-02-05
1
-1
/
+1
*
Issue an HTTP 404 status for private archive file not found.
Mark Sapiro
2011-02-05
1
-0
/
+1
*
Made minor wording improvements and typo corrections in some messages.
Mark Sapiro
2010-09-10
2
-5
/
+5
*
Two potential XSS vulnerabilities have been identified and fixed.
Mark Sapiro
2010-09-09
1
-2
/
+2
*
Fixed admindb interface to decode base64 and quoted-printable encoded
Mark Sapiro
2010-09-03
1
-1
/
+1
*
Changed the member options login page unsubscribe request to include the
Mark Sapiro
2010-07-27
1
-1
/
+2
*
Increased the font size of 'Welcome!'on admin overview for consistency with l...
Mark Sapiro
2010-07-02
1
-1
/
+1
*
Fixed an issue in admindb that could result in a KeyError and "we hit a
Mark Sapiro
2010-06-25
1
-6
/
+10
[next]