aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman/Utils.py (follow)
Commit message (Collapse)AuthorAgeFilesLines
* CVE-2006-3636. Fixes for various cross-site scripting issues. Discovery bybwarsaw2006-08-301-1/+1
| | | | | Moritz Naumann and most of the repair work done by Mark Sapiro (with some additional work by Barry).
* Back port Python 2.5 compatibility changes to Mailman 2.1. Specifically,bwarsaw2006-07-301-3/+5
| | | | | | | | | | | | | | | | | | - In SecurityManager.py, fix the parsecookie() code to work with Python 2.5 generated cookie text. The latter was changed to be more RFC compliant so it does not output trailing semicolons for each line of cookie text. This broke the splitting rules, so now first split on newlines, then on ';\s*'. This should work across all Python versions. - In Python 2.5, exceptions are new-style, and thus are no longer of ClassType. The instantiation type test in hold_for_approval() was too naive. This one is fixed differently here than in the MM trunk because in Python 2.1, 'type' isn't a type, it's a function and so can't be used as the second argument to isinstance() directly. - Raising strings generates deprecation warnings in Python 2.5. Switch the one weird use of this in Utils.py to use a class exception. Don't call it "quick exit" though because it's probably not.
* - Decorate.py Fixed bug 1507248 by ignoring header/footer charactersmsapiro2006-06-231-2/+8
| | | | | | | | outside the character set of the list's language. - Utils.py Fixed a security hole which allowed a crafted URI to inject bogus apparent messages into the error log, possibly inducing an admin to visit a phishing site.
* Improved fix for bug 1275856 to return host part of DEFAULT_URL if any frommsapiro2006-03-181-7/+5
| | | | get_domain() if VIRTUAL_HOST_OVERVIEW off.
* Fixed long standing bug (1275856) - get_domain() returned DEFAULT_EMAIL_HOSTmsapiro2006-03-121-3/+8
| | | | instead of DEFAULT_URL_HOST is VIRTUAL_HOST_OVERVIEW was off.
* FSF office has moved to 51 Franklin Street.tkikuchi2005-08-271-1/+1
|
* New names added to ACKNOWLEDGMENTS. Updated NEWS in preparation for 2.1.6b1.bwarsaw2005-01-161-1/+1
| | | | Update copyright years for files changes in 2005. Whitespace normalization.
* Sorry, leagality of '%' and '!' is a matter of MTA (of the user's).tkikuchi2005-01-111-1/+1
| | | | Canceling last check in.
* Add '%' and '!' in _badchars. They are used for source routing.tkikuchi2005-01-111-1/+1
|
* Secure_MakeRandomPassword(): Log an error when secure passwords were requestedbwarsaw2004-12-311-0/+3
| | | | but urandom is not available.
* From the NEWS file:bwarsaw2004-12-301-6/+45
| | | | | | | | | | - Added the ability for Mailman generated passwords (both member and list admin) to be more cryptographically secure. See new configuration variables USER_FRIENDLY_PASSWORDS, MEMBER_PASSWORD_LENGTH, and ADMIN_PASSWORD_LENGTH. Also added a new bin/withlist script called reset_pw which can be used to reset all member passwords. Passwords generated by Mailman are now 8 characters by default for members, and 10 characters for list administrators.
* [ 1030228 ] Mass Subscribe address with control character - can't deletetkikuchi2004-10-091-1/+1
| | | | Also, '/' can be used now.
* More error handling for oneline().tkikuchi2004-09-181-1/+2
|
* oneline(): Another part of TK's patch # 865661. This one adds abwarsaw2003-12-261-0/+15
| | | | | utility function that returns a header in an i18n-safe way such that it is guaranteed to span exactly one line.
* True/False where appropriate.bwarsaw2003-12-011-1/+1
|
* wrap(): Minor code cleaning.bwarsaw2003-10-071-4/+2
|
* Backporting from the HEAD -- Mailman packagebwarsaw2003-09-221-4/+26
|
* Backporting from trunk.bwarsaw2003-04-071-41/+49
|
* Backporting from trunkbwarsaw2003-03-311-1/+1
|
* Backporting from the trunk.bwarsaw2003-02-081-10/+15
|
* This commit was manufactured by cvs2svn to create branch2003-01-021-0/+773
'Release_2_1-maint'.