aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman/HTMLFormatter.py (unfollow)
Commit message (Collapse)AuthorFilesLines
2017-05-30Display only the list-owner address in the 'list run by' footer.Mark Sapiro1-3/+2
2016-08-26Fixes for CVE-2016-6893 and more.Mark Sapiro1-2/+9
2015-02-13Because of privacy concerns with the 2.2 backport adding real name toMark Sapiro1-1/+1
list rosters, this is controlled by a new ROSTER_DISPLAY_REALNAME setting that defaults to No.
2015-01-22A number of changes from the unofficial 2.2 branch have been backported toMark Sapiro1-1/+4
the 2.1 branch for release with 2.1.19. The 2.2 branch is now no different from the 2.1 branch and will no longer be maintained.
2010-09-09Two potential XSS vulnerabilities have been identified and fixed.Mark Sapiro1-3/+4
2008-02-03HTMLFormatter.py - list_hidden didn't work for digest members. Fixed.Mark Sapiro1-10/+6
2007-05-08- CGI/admin.pymsapiro1-6/+6
The email address which forms a part of the various CGI data keys in the admin membership list is now urllib.quote()ed. This allows changing options for and unsubbing an address which contains a double-quote character. - CGI/admindb.py Added additional test to not display "Database Updated ..." when coming from the login page. - CGI/roster.py, HTMLFormatter.py Changed to show hidden members when authorization is site or list's admin or moterator password. Patch 1587651. - Defaults.py.in, Handlers/Cleanse_DKIM.py Added a new REMOVE_DKIM_HEADERS Defaults.py/mm_cfg.py setting (default = No) to control removing dkim/domainkey signatures from posts and mail to -owner. - Handlers/Decorate.py, Handlers/Scrubber.py Changed to preserve format=flowed and delsp=yes in the Content-Type: of the body when adding header/footer and when scrubbing attachments and to remove trailing spaces from the header/footer lines so they won't be flowed. Bug 1495122. Fixed a scrubber issue where the i18n translated 'next part' separator can be garbled if the list charset is different from the message. - Queue/Runner.py. Queue/Switchboard.py Now that we have .bak queue entries for recovery, it is no longer the case that an unparseable message is lost. In this case, and in case of other exceptions when dequeueing, I added a preservation feature to move the .bak file to qfiles/shunt as a .psv file and write an appropriate log entry. It is also possible for an attempt to shunt a message to fail. One example that occurred in practice (bug 1656289) was caused by a huge message that threw a MemoryError in processing and then threw another MemoryError in the attempt to pickle the message for the shunt queue. In this case as well, I log and attempt to preserve the original queue entry by renaming.
2006-08-30CVE-2006-3636. Fixes for various cross-site scripting issues. Discovery bybwarsaw1-3/+8
Moritz Naumann and most of the repair work done by Mark Sapiro (with some additional work by Barry).
2005-08-27FSF office has moved to 51 Franklin Street.tkikuchi1-1/+1
2003-09-29FormatUsers(): The user portion of the link should honor the settingbwarsaw1-9/+10
of self.obscure_addresses.
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 19:26:18 +0000