From a3a2e764e98755d616c6c661ca7a9aadb6f0dc84 Mon Sep 17 00:00:00 2001 From: bwarsaw <> Date: Mon, 30 May 2005 20:09:15 +0000 Subject: Updates for 2.1.6 final. --- NEWS | 80 ++++++++++++++++++++++++++++++++++++++++---------------------------- 1 file changed, 47 insertions(+), 33 deletions(-) (limited to 'NEWS') diff --git a/NEWS b/NEWS index 961abe0b..a21ac499 100644 --- a/NEWS +++ b/NEWS @@ -4,21 +4,36 @@ Copyright (C) 1998-2005 by the Free Software Foundation, Inc. Here is a history of user visible changes to Mailman. -2.1.6 (XX-May-2005) +2.1.6 (30-May-2005) - - Mail-to-news gateway now strips subject prefix off from a response - by a mail user if news_prefix_subject_too is not set. + Security - Critical security patch for path traversal vulnerability in private archive script (CAN-2005-0202). - - Date and Message-Id headers are added for digests. (1116952) + - Added the ability for Mailman generated passwords (both member and list + admin) to be more cryptographically secure. See new configuration + variables USER_FRIENDLY_PASSWORDS, MEMBER_PASSWORD_LENGTH, and + ADMIN_PASSWORD_LENGTH. Also added a new bin/withlist script called + reset_pw.py which can be used to reset all member passwords. Passwords + generated by Mailman are now 8 characters by default for members, and 10 + characters for list administrators. - - List owners can now cusomize the non-member rejection notice from - admin//privacy/sender page. (1107169) + - A potential cross-site scripting hole in the driver script has been + closed. Thanks to Florian Weimer for its discovery. Also, turn + STEALTH_MODE on by default. - - Most of the installation instructions have been moved to a latex - document. See admin/www/mailman-install/index.html for details. + Internationalization + + - Chinese languages are now supported. They have been moved from 'big5' + and 'gb' to 'zh_TW' and 'zh_CN' respectively for compliance to the IANA + spec. Note, however, that the character sets were changed from 'Big5' + or 'GB2312' to 'UTF-8' to cope with the insufficient codecs support in + Python 2.3 and earlier. You may have to install Chinese capable codecs + (like CJKCodecs) separately to handle the incoming messages which are in + local charsets, or upgrade your Python to 2.4 or newer. + + Behavior or defaults changes - VERP_PROBES is disabled by default. @@ -32,31 +47,13 @@ Here is a history of user visible changes to Mailman. than the old 'mylist@hostname' syntax (which is still supported for backward compatibility, but deprecated). - - Added the ability for Mailman generated passwords (both member and list - admin) to be more cryptographically secure. See new configuration - variables USER_FRIENDLY_PASSWORDS, MEMBER_PASSWORD_LENGTH, and - ADMIN_PASSWORD_LENGTH. Also added a new bin/withlist script called - reset_pw.py which can be used to reset all member passwords. Passwords - generated by Mailman are now 8 characters by default for members, and 10 - characters for list administrators. - - - Allow editing of the welcome message from the admin page (1085501). - - - A potential cross-site scripting hole in the driver script has been - closed. Thanks to Florian Weimer for its discovery. Also, turn - STEALTH_MODE on by default. - - - Chinese languages moved from 'big5' and 'gb' to 'zh_TW' and 'zh_CN' - respectively for compliance to the IANA spec. Note, however, that the - character sets were changed from 'Big5' or 'GB2312' to 'UTF-8' to cope - with the insufficient codecs support in Python 2.3 and earlier. You - may have to install Chinese capable codecs (like CJKCodecs) separately - to handle the incoming messages which are in local charsets, or upgrade - your Python to 2.4 or newer. + Compatibility - Python 2.4 compatibility issue: time.strftime() became strict about the 'day of year' range. (1078482) + New Features + - New feature: automatic discards of held messages. List owners can now set how many days to hold the messages in the moderator request queue. cron/checkdb will automatically discard old messages. See the @@ -64,10 +61,6 @@ Here is a history of user visible changes to Mailman. DEFAULT_MAX_DAYS_TO_HOLD in Defaults.py. This defaults to 0 (i.e. disabled). (790494) - - Improved mail address sanity check. (1030228) - - - SpamDetect.py now checks attachment header. (1026977) - - New feature: subject_prefix can be configured to include a sequence number which is taken from the post_id variable. Also, the prefix is always put at the start of the subject, i.e. "[list-name] Re: original @@ -76,12 +69,33 @@ Here is a history of user visible changes to Mailman. If the list owner is using numbering feature by "%d" directive, the new style, "[list-name 123] Re:", is always used. + - List owners can now cusomize the non-member rejection notice from + admin//privacy/sender page. (1107169) + + - Allow editing of the welcome message from the admin page (1085501). + - List owners can now use Scrubber to get the attachments scrubbed (held in the web archive), if the site admin permits it in mm_cfg.py. New variables introduced are SCRUBBER_DONT_USE_ATTACHMENT_FILENAME and SCRUBBER_USE_ATTACHMENT_FILENAME_EXTENSION in Defaults.py for scrubber behavior. (904850) + Documentation + + - Most of the installation instructions have been moved to a latex + document. See admin/www/mailman-install/index.html for details. + + Bug fixes and other patches + + - Mail-to-news gateway now strips subject prefix off from a response + by a mail user if news_prefix_subject_too is not set. + + - Date and Message-Id headers are added for digests. (1116952) + + - Improved mail address sanity check. (1030228) + + - SpamDetect.py now checks attachment header. (1026977) + - Filter attachments by filename extensions. (1027882) - Bugs and patches: 955381 (older Python compatibility), 1020102/1013079/ -- cgit v1.2.3