aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Subscription disabled warnings are now sent without a Precedence:Mark Sapiro2012-02-172-5/+6
| | | | header. Bug #808821.
* Backported 2.2 branch fix for a problem in SpamDetect.py that couldMark Sapiro2012-02-051-36/+20
| | | | cause header_filter_rules to fail to match RFC 2047 encoded headers.
* Added Tokio Kikuchi's Cross-site Request Forgery hardening to the admin UI.Mark Sapiro2012-02-054-9/+114
|
* Fix for bug #629738 could cause a crash in the admindb details displayMark Sapiro2011-12-311-1/+3
| | | | | if the decoded message body contained characters not in the character set of the list's preferred language. Fixed. Bug #910440.
* Added recognition for another Qmail bounce.Mark Sapiro2011-12-251-2/+3
|
* Fixed an erroneous seek in the Mailman.Mailbox.Mailbox.AppendMessageMark Sapiro2011-12-121-3/+4
| | | | | method that could cause a corrupt mailbox for files opened 'w+'. Bug #901957.
* A held message with a null sender caused a crash in the admindbMark Sapiro2011-11-291-1/+3
| | | | | interface. This is fixed by changing the sender to <missing>. Bug #897103.
* Added some missing German templates from Egon Frerich.Mark Sapiro2011-11-271-0/+0
|
* Removed Python 2.5 dependency from fix for Bug #770377.Mark Sapiro2011-11-261-2/+2
|
* Changed subject prefixing to allow for possible whitespace between anMark Sapiro2011-11-221-2/+2
| | | | | 'Re' and the following colon when determining how to add the prefix. Bug #893290.
* Fixed a problem where topics regexps would not match RFC 2047 encodedMark Sapiro2011-11-171-4/+13
| | | | Keywords: and/or Subject: headers. Bug #891676.
* Strengthened the validation of email addresses.Mark Sapiro2011-11-131-8/+3
|
* Fixed misleading response to an email approval of a held message.Mark Sapiro2011-11-132-4/+15
| | | | Bug #889968.
* Added masthead.txt to the list of templates that can be edited via theMark Sapiro2011-11-121-1/+2
| | | | web admin interface. Bug #266805.
* Changed the way digest_footer is added to the RFC 1153 (plain) formatMark Sapiro2011-11-111-7/+8
| | | | digest for RFC compliance. Bug #887610.
* The fix for BUG #266220 (sf1181161) has been enhanced so that if thereMark Sapiro2011-10-131-1/+18
| | | | | | is a pathological HTML part such that the Approved: password text isn't found, but it is found after stripping out HTML tags, the post is rejected with an informative message.
* - Mailman/Gui/General.pyMark Sapiro2011-10-042-3/+18
| | | | | | | | Fixed the setting of new_member_options so that unprocessed bits are not changed. Augmented the logic so that bin/config_list can set or reset any bits in mm_cfg.OPTINFO. Bug #865825. - Mailman/Defaulys.py.in Added missing bits to OPTINFO.
* Eliminated the list cache from the qrunners. Indirect self-referencesMark Sapiro2011-09-291-17/+12
| | | | | | caused lists to never be dropped from the cache which in turn caused the qrunners to grow very large in installations with many lists or multiple large lists. Bug #862683.
* A problem with the logic avoiding unnecessarily reloading a current listMark Sapiro2011-09-291-3/+12
| | | | | | | object from the config.pck arises if the list is updated by another process within the same second that it was last read/written. That can cause the reading of latest version of the list to be skipped. This has been fixed. Bug #862675.
* Strengthened the validation of email address domains.Mark Sapiro2011-09-151-0/+6
|
* Added Greek translation from Antonis Limperis.Mark Sapiro2011-09-151-0/+1
|
* The user options 'list my other subscriptions' page now indicates forMark Sapiro2011-06-071-0/+6
| | | | each list if the subscription is 'nomail' or 'digest'. Bug #793669.
* Fixed a problem which could result in raw, undecoded message bodiesMark Sapiro2011-06-021-4/+7
| | | | appearing in plain digests and archives. Bug #787790.
* Fixed a problem in admindb.py where the character set for the display ofMark Sapiro2011-05-101-1/+8
| | | | the message body excerpt was not correctly determined. Bug #779751.
* Prevented setting user passwords with leading/trailing whitespace. Bug #778088.Mark Sapiro2011-05-093-10/+10
|
* Made the web escaping of additional characters a configuration setting.Mark Sapiro2011-05-012-12/+31
|
* Since context may be AuthUser, we must refresh the cookie where we have a user.Mark Sapiro2011-04-261-2/+2
|
* Yet another change to the broken browser HTML escaping.Mark Sapiro2011-04-261-1/+2
|
* Don't try converting non-ascii to HTML entities in unicode.Mark Sapiro2011-04-261-2/+5
|
* Don't redefine existing authentication contexts.Mark Sapiro2011-04-251-2/+2
|
* A new list poster password has been implemented. This password may onlyMark Sapiro2011-04-256-6/+50
| | | | | | be used in Approved: or X-Approved: headers for pre-approving posts. Using this password for that purpose precludes compromise of a more valuable password sent in plain text email. Bug #770581.
* Strengthened escaping of user web data by including some characters thatMark Sapiro2011-04-251-0/+8
| | | | some older browsers misinterpret as < or >.
* A new mm_cfg.py setting AUTHENTICATION_COOKIE_LIFETIME has been added.Mark Sapiro2011-04-252-1/+10
| | | | | | If this is set to a non-zero value, web authentication cookies will expire that many seconds following their last use. Its default value is zero to preserve current behavior.
* Mailman now sets the 'secure' flag in cookies set via https URLs.Mark Sapiro2011-04-251-1/+6
| | | | Bug #770377.
* Added a logout link to the admindb interface and made both admin andMark Sapiro2011-04-232-3/+27
| | | | | admindb logout effective for a site admin cookie if allowed. Bug #769318.
* Changed bin/genaliases to only call the POSTFIX_*_CMD commands once whenMark Sapiro2011-04-161-2/+5
| | | | MTA = 'Postfix'. Bug #266408.
* Refactor last change for i18n.Mark Sapiro2011-04-151-5/+7
|
* Added a report of the affected members to the warnings issued whenMark Sapiro2011-04-141-3/+5
| | | | | setting a list with digest members digestable=No and when setting a list with non-digest members nondigestable=no. Bug #761232.
* Fixed a problem where content filtering could remove the headers fromMark Sapiro2011-04-121-1/+8
| | | | | an attached message/rfc822 part if the message in that part is multipart/alternative and collapse_alternatives is Yes. Bug #757062.
* Fix for bug #701558 went to far. Don't recast message/rfc822 parts.Mark Sapiro2011-04-071-2/+4
| | | | We want to keep the headers.
* Changed the subscribe CGI to strip leading and trailing whitespace fromMark Sapiro2011-03-291-2/+2
| | | | the supplied email address. Bug #745432.
* Changed the maximum number of arguments for the who command to beMark Sapiro2011-03-211-2/+2
| | | | | considered administrivia from 2 to 1 to help avoid false positives. Bug #739524.
* Added the list name as 'display-name' in added Sender: headers to helpMark Sapiro2011-03-211-3/+4
| | | | mitigate Outlook et al 'on behalf of' displays. Bug #736849.
* An XSS vulnerability, CVE-2011-0707, has been fixed.Mark Sapiro2011-02-181-3/+3
|
* - Fixed an uncaught KeyError when poster tries to cancel a post which wasMark Sapiro2011-02-071-2/+3
| | | | already handled. Bug #266224.
* - Held message user notifications now come From: list-owner instead ofMark Sapiro2011-02-071-5/+2
| | | | list-bounces. Bug #714424.
* - A new mm_cfg.py setting RESPONSE_INCLUDE_LEVEL has been added to controlMark Sapiro2011-02-073-19/+77
| | | | | | | | | | | | | | | | | | | | how much of the original message is included in automatic responses to email commands. The default is 2 to preserve the prior behavior of including the full message. Setting this to 1 in mm_cfg.py will include only the original headers, and 0 will include none of the original. It is recommended to set this to 0 in mm_cfg.py to minimize the effects of backscatter. Bug #265835. - A new mm_cfg.py setting DEFAULT_RESPOND_TO_POST_REQUESTS has been added to control the default for respond_to_post_requests for new lists. It is set to Yes for backwards compatibility, but it is recommended that serious consideration be given to setting it to No. Bug #266051. - A new mm_cfg.py setting DISCARD_MESSAGE_WITH_NO_COMMAND has been added to control whether a message to the -request address without any commands or a message to -confirm whose To: address doesn't match VERP_CONFIRM_REGEXP is responded to or just logged. It defaults to Yes which is different from prior behavior. Bug #410236.
* Updated copyright year for previous change.Mark Sapiro2011-02-051-1/+1
|
* Issue an HTTP 404 status for private archive file not found.Mark Sapiro2011-02-051-0/+1
|
* @listname entries in *_these_nonmembers are no longer case sensitive.Mark Sapiro2011-01-241-4/+5
| | | | Bug #705715.