aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman (unfollow)
Commit message (Collapse)AuthorFilesLines
2018-06-06Improved logging of security related eventsJim Popovitch7-1/+34
2018-06-05Extend BLOCK_SPAMHAUS_LISTED_IP_SUBSCRIBE for IPv6.Mark Sapiro1-7/+21
Fix string formatting for Python 2.6.
2018-06-04Not at all my day.Mark Sapiro1-1/+1
2018-06-04Ooops. Forgot mm_cfg.Mark Sapiro1-1/+1
2018-06-04Restrict Spamhaus ZEN hits to SBL, CSS and XBL.Mark Sapiro2-3/+3
2018-06-04Added BLOCK_SPAMHAUS_LISTED_IP_SUBSCRIBE FeatureMark Sapiro3-1/+34
2018-06-03Added Esperanto translation and updated i18n.Mark Sapiro1-0/+1
2018-06-03Separate data in CSRF token by colon to avoid collisions.Ralf Jung2-6/+6
This makes the data-to-token function injective. Previously, for example, the list called "list1" and the IP "10.0.0.0" would have the same hash as the list called "list" and the IP "110.0.0.0", as the strings were just concatenated.
2018-05-26Internationalize the noscript note added to reCAPTCHA.Mark Sapiro1-2/+3
2018-05-21A few more error messages have had their values HTML escaped.Mark Sapiro1-1/+2
2018-05-05Add <noscript> note to listinfo reCAPTCHA that JavaScript is required.Mark Sapiro1-0/+1
2018-05-03bin/arch now uses i18n.C_ for progress messages.Mark Sapiro2-11/+12
2018-04-10Improve DELIVERY_RETRY_WAIT reimplementation.Mark Sapiro2-6/+9
2018-03-12Fixed another Python 2.7 dependency.Mark Sapiro1-3/+2
2018-03-08Added a few more badword checks to Utils.suspiciousHTML().Mark Sapiro2-5/+36
Added validation of GUI updates to host_name.
2018-03-08Bad values in topics no longer break the list.Mark Sapiro1-2/+10
2018-03-01Removed a Python 2.7 dependency introduced in 2.1.26.Mark Sapiro1-1/+1
2018-02-04Bumped branch version to: 2.1.26Mark Sapiro1-2/+2
2018-02-04Fix XSS and info leak in options CGI - CVE-2018-5950Mark Sapiro1-15/+17
2018-02-03It's not necessary to replace _ with - in language codes for reCAPTCHA.Mark Sapiro1-3/+1
2018-01-30Corrected i18n from rev. 1738 and updated message catalogs.Mark Sapiro1-3/+5
2018-01-30Update Japanese translation (with msgid fix)Yasuhito FUTATSUKI at POEM1-3/+3
2018-01-29Allow the list subscription form to be protected from spam bots usingDavid Siebörger3-0/+38
reCAPTCHA.
2017-12-29Removed a Python 2.7 dependency from pipermail.py.Mark Sapiro1-2/+2
2017-12-09Show match in hold reason for header_filter_rules.Mark Sapiro1-2/+8
2017-11-23Ignore missing .db files when updating group and mode.Mark Sapiro1-1/+6
2017-11-02The DELIVERY_RETRY_WAIT setting is now effective.Mark Sapiro2-1/+7
2017-10-26Bumped branch version to: 2.1.25Mark Sapiro1-2/+2
2017-10-26Updated i18n in preparation for 2.1.25 release.Mark Sapiro1-2/+2
Fixed a minor typo.
2017-10-07Improved DMARC testing for domains with DNSSEC validation problems.Mark Sapiro1-2/+14
2017-09-22The default DMARC reject reason now properly replaces %(listowner)s.Mark Sapiro1-0/+1
2017-07-30Show case preserved emails in the roster.Mark Sapiro1-0/+1
2017-06-24Added screen reader labels to some admindb radio buttons.Mark Sapiro2-24/+13
2017-06-21Added text for screen readers only to checkboxes on admin Membership List.Mark Sapiro2-8/+36
2017-06-09Display date of held subscriptions and keep newest.Mark Sapiro1-6/+11
2017-06-07Reverted another getfirst in the multi-value CGI defence.Mark Sapiro1-1/+1
2017-06-06Ensure aliases.db and virtual-mailman.db are world readable and ownedMark Sapiro1-3/+25
by the Mailman user.
2017-06-05Bumped Copyrights and fixed a bug in prior commit.Mark Sapiro12-14/+14
2017-06-05Defend against CGI requests with multiple values for the same parameter.Mark Sapiro13-114/+114
2017-06-04Fixed a regression in Cgi/options.py.Mark Sapiro1-12/+12
2017-06-02Bumped branch version to: 2.1.24Mark Sapiro1-2/+2
2017-05-30Added list-owner@virtual.domain addresses to virtual-mailman.Mark Sapiro1-6/+29
2017-05-30Display only the list-owner address in the 'list run by' footer.Mark Sapiro1-3/+2
2017-05-24Changed member_verbosity_threshold from a >= test to a strictly > test.Mark Sapiro1-2/+2
2017-05-23Implement base64 encoded recipient header.Mark Sapiro2-0/+16
2017-05-12Changed DEFAULT_MSG_FOOTER to use standard sig separator.Mark Sapiro1-2/+5
2017-05-12Improvements in subject prefixing with encoded prefixes.Mark Sapiro1-6/+8
2017-04-25Change 'subscribees' to 'subscribers' on admin mass subscribe page.Mark Sapiro1-1/+1
Update i18n.
2017-03-30Fixed unexploitable XSS attach via crafted HTTP Host: header.Mark Sapiro1-1/+1
2017-03-15Treat message and digest headers and footers as empty if they containMark Sapiro2-7/+11
only whitespace.