From 6fac67d23d53d2bb46b300e53a33da1c8f09cb86 Mon Sep 17 00:00:00 2001 From: Mark Sapiro Date: Wed, 10 Jun 2020 15:04:26 -0700 Subject: Implement WARN_MEMBER_OF_SUBSCRIBE subscribe setting. --- Mailman/Cgi/subscribe.py | 1 + Mailman/Defaults.py.in | 4 ++++ 2 files changed, 5 insertions(+) (limited to 'Mailman') diff --git a/Mailman/Cgi/subscribe.py b/Mailman/Cgi/subscribe.py index 795fc81b..ca218737 100644 --- a/Mailman/Cgi/subscribe.py +++ b/Mailman/Cgi/subscribe.py @@ -300,6 +300,7 @@ moderator's decision when they get to your request.""") results = _('You are already subscribed.') else: results = privacy_results + if privacy_results and mm_cfg.WARN_MEMBER_OF_SUBSCRIBE: # This could be a membership probe. For safety, let the user know # a probe occurred. BAW: should we inform the list moderator? listaddr = mlist.GetListEmail() diff --git a/Mailman/Defaults.py.in b/Mailman/Defaults.py.in index e5d8b3cf..fea5dcf1 100755 --- a/Mailman/Defaults.py.in +++ b/Mailman/Defaults.py.in @@ -1130,6 +1130,10 @@ ANONYMOUS_LIST_KEEP_HEADERS = ['^(?!x-)', '^x-mailman-', # request email, she has to wait PENDING_REQUEST_LIFE (default 3 days) before # she can request another. This setting also applies to repeated unsubscribes. REFUSE_SECOND_PENDING = No +# Mailbombing of a list member of a list with private rosters can occur with +# repeated subscribe attempts resulting in repeated user warnings. Set the +# following to No to supress the user warnings. +WARN_MEMBER_OF_SUBSCRIBE = Yes -- cgit v1.2.3 From 53a0828d3ee7eb1ea2726c12495e22e0640dade3 Mon Sep 17 00:00:00 2001 From: Mark Sapiro Date: Sun, 21 Jun 2020 11:45:30 -0700 Subject: Truncate very long names for scrubbed attachments. --- Mailman/Handlers/Scrubber.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'Mailman') diff --git a/Mailman/Handlers/Scrubber.py b/Mailman/Handlers/Scrubber.py index 97e443b7..cecd11fb 100644 --- a/Mailman/Handlers/Scrubber.py +++ b/Mailman/Handlers/Scrubber.py @@ -471,7 +471,8 @@ def save_attachment(mlist, msg, dir, filter_html=True): # guessed so attachments can't lie about their type. Also, if the # filename /has/ no extension, then tack on the one we guessed. # The extension was removed from the name above. - filebase = filename + # Allow for extra and ext and keep it under 255 bytes. + filebase = filename[:240] # Now we're looking for a unique name for this file on the file # system. If msgdir/filebase.ext isn't unique, we'll add a counter # after filebase, e.g. msgdir/filebase-cnt.ext -- cgit v1.2.3 From ed5f68f60484c62be8fc463ef433175e99f11f2f Mon Sep 17 00:00:00 2001 From: Mark Sapiro Date: Fri, 26 Jun 2020 17:18:04 -0700 Subject: Bumped branch version to: 2.1.34 --- Mailman/Version.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'Mailman') diff --git a/Mailman/Version.py b/Mailman/Version.py index af7d8085..23562c06 100644 --- a/Mailman/Version.py +++ b/Mailman/Version.py @@ -16,7 +16,7 @@ # USA. # Mailman version -VERSION = '2.1.33' +VERSION = '2.1.34' # And as a hex number in the manner of PY_VERSION_HEX ALPHA = 0xa @@ -28,7 +28,7 @@ FINAL = 0xf MAJOR_REV = 2 MINOR_REV = 1 -MICRO_REV = 33 +MICRO_REV = 34 REL_LEVEL = FINAL # at most 15 beta releases! REL_SERIAL = 0 -- cgit v1.2.3