aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman (unfollow)
Commit message (Collapse)AuthorFilesLines
2012-10-30Added 'legend' to the list of CSRF safe parameters for the admin CGI.Mark Sapiro1-1/+2
2012-10-21IncomingRunner now logs rejected messages to the vette log.Mark Sapiro1-0/+7
2012-09-06Fixed a bug where non-ascii characters in the real name in a subscriptionMark Sapiro1-0/+4
request could throw a UnicodeEncodeError upon subscription approval and perhaps in other situations too. (LP: 1047100)
2012-08-22The query fragments send_unsub_notifications_to_list_owner andMark Sapiro1-9/+7
send_unsub_ack_to_this_batch will now assume default values if not set in mass unsubscribe URLs. (LP: #1032378)
2012-06-20Fixed a typo in the UPGRADING doc - bin/upgrade -> bin/update.Mark Sapiro10-0/+0
2012-06-13Bumped for 2.1.15 release.Mark Sapiro1-3/+3
2012-05-15Tagging branch with: 2.1.15rc1Mark Sapiro1-4/+4
2012-05-13Fixed a bug that could send an admin notice of a held subscription withMark Sapiro1-0/+3
the subject in the user's preferred language instead of the list's preferred language and possibly not properly RFC 2047 encoded. (LP: #998949)
2012-03-28Added the MailList.py change missing from rev. 1345.Mark Sapiro1-0/+1
2012-03-27Fixed a possible CPU bound loop in OutgoingRunner if the attempt toMark Sapiro1-1/+2
Connect to the SMTP server throws a socket.error. (LP: #966531)
2012-03-27Fixed a potential crash in the web UI if a language is removed from theMark Sapiro1-1/+1
LC_DESCRIPTIONS dictionary. (LP: #966565)
2012-03-27Added an Auto-Submitted: header to invitations and (un)subscriptionMark Sapiro1-1/+13
confirmation requests to reduce the possibility of an autoresponder confirming the request. (LP: #265831)
2012-03-25Backported the password reminder from private archive login feature from theMark Sapiro1-1/+22
2.2 branch.
2012-03-25Backported regular_exclude_ignore list attribute feature from 2.2 branch.Mark Sapiro5-1/+21
2012-03-24Stopped removing the trailing slash from the List-Archive: header URL.Mark Sapiro1-2/+0
(LP: #964190)
2012-02-23Added a few more safe_params to the CSRF check.Mark Sapiro1-1/+2
2012-02-17Subscription disabled warnings are now sent without a Precedence:Mark Sapiro2-5/+6
header. Bug #808821.
2012-02-05Backported 2.2 branch fix for a problem in SpamDetect.py that couldMark Sapiro1-36/+20
cause header_filter_rules to fail to match RFC 2047 encoded headers.
2012-02-05Added Tokio Kikuchi's Cross-site Request Forgery hardening to the admin UI.Mark Sapiro4-9/+114
2011-12-31Fix for bug #629738 could cause a crash in the admindb details displayMark Sapiro1-1/+3
if the decoded message body contained characters not in the character set of the list's preferred language. Fixed. Bug #910440.
2011-12-25Added recognition for another Qmail bounce.Mark Sapiro1-2/+3
2011-12-12Fixed an erroneous seek in the Mailman.Mailbox.Mailbox.AppendMessageMark Sapiro1-3/+4
method that could cause a corrupt mailbox for files opened 'w+'. Bug #901957.
2011-11-29A held message with a null sender caused a crash in the admindbMark Sapiro1-1/+3
interface. This is fixed by changing the sender to <missing>. Bug #897103.
2011-11-27Added some missing German templates from Egon Frerich.Mark Sapiro1-0/+0
2011-11-26Removed Python 2.5 dependency from fix for Bug #770377.Mark Sapiro1-2/+2
2011-11-22Changed subject prefixing to allow for possible whitespace between anMark Sapiro1-2/+2
'Re' and the following colon when determining how to add the prefix. Bug #893290.
2011-11-17Fixed a problem where topics regexps would not match RFC 2047 encodedMark Sapiro1-4/+13
Keywords: and/or Subject: headers. Bug #891676.
2011-11-13Strengthened the validation of email addresses.Mark Sapiro1-8/+3
2011-11-13Fixed misleading response to an email approval of a held message.Mark Sapiro2-4/+15
Bug #889968.
2011-11-12Added masthead.txt to the list of templates that can be edited via theMark Sapiro1-1/+2
web admin interface. Bug #266805.
2011-11-11Changed the way digest_footer is added to the RFC 1153 (plain) formatMark Sapiro1-7/+8
digest for RFC compliance. Bug #887610.
2011-10-13The fix for BUG #266220 (sf1181161) has been enhanced so that if thereMark Sapiro1-1/+18
is a pathological HTML part such that the Approved: password text isn't found, but it is found after stripping out HTML tags, the post is rejected with an informative message.
2011-10-04- Mailman/Gui/General.pyMark Sapiro2-3/+18
Fixed the setting of new_member_options so that unprocessed bits are not changed. Augmented the logic so that bin/config_list can set or reset any bits in mm_cfg.OPTINFO. Bug #865825. - Mailman/Defaulys.py.in Added missing bits to OPTINFO.
2011-09-29Eliminated the list cache from the qrunners. Indirect self-referencesMark Sapiro1-17/+12
caused lists to never be dropped from the cache which in turn caused the qrunners to grow very large in installations with many lists or multiple large lists. Bug #862683.
2011-09-29A problem with the logic avoiding unnecessarily reloading a current listMark Sapiro1-3/+12
object from the config.pck arises if the list is updated by another process within the same second that it was last read/written. That can cause the reading of latest version of the list to be skipped. This has been fixed. Bug #862675.
2011-09-15Strengthened the validation of email address domains.Mark Sapiro1-0/+6
2011-09-15Added Greek translation from Antonis Limperis.Mark Sapiro1-0/+1
2011-06-07The user options 'list my other subscriptions' page now indicates forMark Sapiro1-0/+6
each list if the subscription is 'nomail' or 'digest'. Bug #793669.
2011-06-02Fixed a problem which could result in raw, undecoded message bodiesMark Sapiro1-4/+7
appearing in plain digests and archives. Bug #787790.
2011-05-10Fixed a problem in admindb.py where the character set for the display ofMark Sapiro1-1/+8
the message body excerpt was not correctly determined. Bug #779751.
2011-05-09Prevented setting user passwords with leading/trailing whitespace. Bug #778088.Mark Sapiro3-10/+10
2011-05-01Made the web escaping of additional characters a configuration setting.Mark Sapiro2-12/+31
2011-04-26Since context may be AuthUser, we must refresh the cookie where we have a user.Mark Sapiro1-2/+2
2011-04-26Yet another change to the broken browser HTML escaping.Mark Sapiro1-1/+2
2011-04-26Don't try converting non-ascii to HTML entities in unicode.Mark Sapiro1-2/+5
2011-04-25Don't redefine existing authentication contexts.Mark Sapiro1-2/+2
2011-04-25A new list poster password has been implemented. This password may onlyMark Sapiro6-6/+50
be used in Approved: or X-Approved: headers for pre-approving posts. Using this password for that purpose precludes compromise of a more valuable password sent in plain text email. Bug #770581.
2011-04-25Strengthened escaping of user web data by including some characters thatMark Sapiro1-0/+8
some older browsers misinterpret as < or >.
2011-04-25A new mm_cfg.py setting AUTHENTICATION_COOKIE_LIFETIME has been added.Mark Sapiro2-1/+10
If this is set to a non-zero value, web authentication cookies will expire that many seconds following their last use. Its default value is zero to preserve current behavior.
2011-04-25Mailman now sets the 'secure' flag in cookies set via https URLs.Mark Sapiro1-1/+6
Bug #770377.