GNU Mailman

Download project files

How do I verify a download?


3140 of 70 releases FirstLast

2.1.17 release from the 2.1 series released

Release information
Release notes:

2.1.17 (23-Nov-2013)

  New Features

    - Handling of posts gated from usenet to a list via the Mail <-> News
      gateway is changed. Formerly, no list membership, moderation or
      *_these_nonmembers checks were done. Now, if the sender of the usenet
      post is a moderated member or a nonmember matching a *_these_nonmembers
      filter, those checks will be done and actions applied. Nonmember posts
      from senders not matching a *_these_nonmembers filter are still accepted
      as before. (LP: #1252575)

    - There is a new mm_cfg.py setting ANONYMOUS_LIST_KEEP_HEADERS. Since it
      is not possible to know which non-standard headers in a message might
      reveal sender information, we now remove all headers from incoming posts
      to anonymous lists except tho...

Changelog:

2.1.17 (23-Nov-2013)

  New Features

    - Handling of posts gated from usenet to a list via the Mail <-> News
      gateway is changed. Formerly, no list membership, moderation or
      *_these_nonmembers checks were done. Now, if the sender of the usenet
      post is a moderated member or a nonmember matching a *_these_nonmembers
      filter, those checks will be done and actions applied. Nonmember posts
      from senders not matching a *_these_nonmembers filter are still accepted
      as before. (LP: #1252575)

    - There is a new mm_cfg.py setting ANONYMOUS_LIST_KEEP_HEADERS. Since it
      is not possible to know which non-standard headers in a message might
      reveal sender information, we now remove all headers from incoming posts
      to anonymous lists except those which match regular expressions in this
      list. The default setting keeps non X- headers except those known to
      reveal sender information, Mailman added X- headers and x-Spam- headers.
      See the description in Defaults.py for more information. (LP: #1246039)

  i18n

    - The Japanese message catalog has been updated by SATOH Fumiyasu.
      (LP: #1248855)

  Bug Fixes and other patches

    - Added a reopen command to the sample init.d script in misc/mailman.in.
      (LP: #1251917)

    - Fixed a misspelling in Tagger.py causing an "unexpected keyword argument
      'Delete'" exception. (LP: #1251495)

    - Fixed contrib/qmail-to-mailman.py to work with a user other than
      'mailman' and to recognize more listname-* addresses. (LP: #412293)

    - Fixed a possible UnicodeDecodeError in bin/sync_members. (LP: #1243343)

    - Fixed Makefile to not include $DESTDIR in paths compiled into .pyc
      files for traceback purposes. (LP: #1241770)

File Description Downloads
download icon mailman-2.1.17.tgz (md5, sig) GNU Mailman 2.1.17 349
last downloaded 19 weeks ago
Total downloads: 349

2.1.16 release from the 2.1 series released

Release information
Release notes:

2.1.16 (16-Oct-2013)

  New Features

    - There is a new list attribute from_is_list to either rewrite the From:
      header of posts replacing the posters address with that of the list or
      wrap the message in an outer message From: the list for compatability
      with DMARC and or ADSP. There is a new mm_cfg.py setting
      DEFAULT_FROM_IS_LIST to control the default for new lists, and the
      existing REMOVE_DKIM_HEADERS setting has been extended to allow removing
      those headers only for certain from_is_list lists. This feature must
      be enabled by setting ALLOW_FROM_IS_LIST to Yes in mm_cfg.py. See the
      description of these settings in Defaults.py for more detail. This
      feature is experimental in 2.1.16, and it is subject to change or to
      beco...

Changelog:

2.1.16 (16-Oct-2013)

  New Features

    - There is a new list attribute from_is_list to either rewrite the From:
      header of posts replacing the posters address with that of the list or
      wrap the message in an outer message From: the list for compatability
      with DMARC and or ADSP. There is a new mm_cfg.py setting
      DEFAULT_FROM_IS_LIST to control the default for new lists, and the
      existing REMOVE_DKIM_HEADERS setting has been extended to allow removing
      those headers only for certain from_is_list lists. This feature must
      be enabled by setting ALLOW_FROM_IS_LIST to Yes in mm_cfg.py. See the
      description of these settings in Defaults.py for more detail. This
      feature is experimental in 2.1.16, and it is subject to change or to
      become just one of the two methods in a subsequent release. People
      interested in this feature are encouraged to try it and report their
      experiences to the <email address hidden> list.

    - There is a new DISPLAY_HELD_SUMMARY_SORT_BUTTONS setting which if set
      in mm_cfg.py will display a set of radio buttons in the admindb held
      message summary to select how the held messages are sorted and grouped
      for display. The exact setting determines the default grouping and
      sorting. See the description in Defaults.py for details.

    - Setting digest_size_threshhold to zero now means no digests will be
      sent based on size instead of a digest being sent with every post.
      (LP: #558274)

    - There is a new mm_cfg.py setting SUBSCRIBE_FORM_SECRET which will put
      a dynamically generated, hidden hash in the listinfo subscribe form and
      check it upon submission. Setting this will prevent automated processes
      (bots) from successfully POSTing web subscribes without first retrieving
      and parsing the form from the listinfo page. The form must also be
      submitted no later than FORM_LIFETIME nor no earlier than
      SUBSCRIBE_FORM_MIN_TIME after retrieval. Note that enabling this will
      break any static subscribe forms on your site. See the description in
      Defaults.py for more info. (LP: #1082746)

    - add_members now has an option to add members with mail delivery disabled
      by admin. (LP: #1070574)

    - IncomingRunner now logs rejected messages to the vette log.
      (LP: #1068837)

    - The name of the mailmanctl master lock file is now congigurable via the
      mm_cfg.py setting MASTER_LOCK_FILE. (LP: #1082308)

    - list_lists now has an option to list only lists with public archives.
      (LP: #1082711)

  Contributed programs

    - A new import_majordomo_into_mailman.pl script has been contributed by
      Geoff Mayes. (LP: #1129742)

    - A new "sitemap" bash script has been contributed by Tomasz Chmielewski
      <email address hidden> to generate a sitemap.xml file of an installation's
      public archives for submission to search engines.

  i18n

    - The Danish translation has been updated thanks to Tom Christensen.

    - Fixed a string in the Czech message catalog. (LP: #1234567)

    - A Farsi (Persian) translation has been added thanks to Javad Hoseini and
      Mahyar Moghimi.

    - Fixed several misspelled or garbled string replacements in the Spanish
      message catalog. (LP: #1160138)

    - pt_BR message catalog has two new and an updated message per Hugo Koji
      Kobayashi. (LP: #1138578)

    - German message catalog has been updated per Ralf Hildebrandt.

    - Corrected typo in templates/it/private.html.

  Bug Fixes and other patches

    - Fixed a crash in SpamDetect.py which caused messages with unparseable
      RFC 2047 encoded headers to be shunted. (LP: #1235101)

    - Fixed cron/disabled to send a fresh cookie when notifying disabled
      members. (LP: #1203200)

    - Added "message_id" to the interpolation dictionary for the Article.html
      template. (LP: #725498)

    - Changed the admin GUI to report only the bad entries in a list of email
      addresses if any are bad. (LP: #558253)

    - Added logging for template errors in HyperArch.py. (LP: #558254)

    - Added more explanation to the bad owner address message from
      bin/newlist. (LP: #1200763)

    - Fixed a bug causing the admin web interface to fail CSRF checking if
      the list name contains a '+' character. (LP: #1190802)

    - Fixed bin/mailmanctl -s to not remove the master lock if it can't be
      determined to be truly stale. (LP: #1189558)

    - It is no longer possible to add 'invalid' addresses to the ban_list
      and the *_these_nonmembers filters from the check boxes on the admindb
      interface. (LP: #1187201)

    - Backported recognition for mail.ru DSNs and minor bug fixes from
      lp:flufl.bounce. (LP: #1074592, LP: #1079249 and #1079254)

    - Defended against buggy web servers that don't include an empty
      QUERY_STRING in the CGI environment. (LP: #1160647)

    - The Switchboard.finish() method now logs the text of the exception when
      it fails to unlink/preserve a .bak file. (LP: #1165589)

    - The pending (un)subscriptions waiting approval are now sorted by email
      address in the admindb interface as intended. (LP: #1164160)

    - The subscribe log entry for a bin/add_members subscribe now identifies
      bin/add_members as the source. (LP: #1161642)

    - Fixed a bug where the Subject: of the user notification of a
      bin/remove_members unsubscribe was not in the user's language.
      (LP: #1161445)

    - Fixed a bug where BounceRunner could create and leave behind zero length
      bounce-events files. (LP: #1161610)

    - Added recognition for another Yahoo bounce format. (LP: #1157961)

    - Changed configure's method for getting Python's include directory from
      distutils.sysconfig.get_config_var('CONFINCLUDEPY') to
      distutils.sysconfig.get_python_inc(). (LP: #1098162)

    - Added an Auto-Generated: header to password reminders. (LP: #558240)

    - Fixed a bug where non-ascii characters in the real name in a subscription
      request could throw a UnicodeEncodeError upon subscription approval and
      perhaps in other situations too. (LP: #1047100)

    - The query fragments send_unsub_notifications_to_list_owner and
      send_unsub_ack_to_this_batch will now assume default values if not set
      in mass unsubscribe URLs. (LP: #1032378)

    - Replaced utf-8 encoded characters in newly added German templates with
      HTML entities. (LP: #1018208)

File Description Downloads
download icon mailman-2.1.16.tgz (md5, sig) Mailman 2.1.16 207
last downloaded 3 weeks ago
Total downloads: 207

2.1.16rc3 release from the 2.1 series released

Release information
Release notes:

  New Features

    - There is a new list attribute from_is_list to either rewrite the From:
      header of posts replacing the posters address with that of the list or
      wrap the message in an outer message From: the list for compatability
      with DMARC and or ADSP. There is a new mm_cfg.py setting
      DEFAULT_FROM_IS_LIST to control the default for new lists, and the
      existing REMOVE_DKIM_HEADERS setting has been extended to allow removing
      those headers only for certain from_is_list lists. This feature must
      be enabled by setting ALLOW_FROM_IS_LIST to Yes in mm_cfg.py. See the
      description of these settings in Defaults.py for more detail. This
      feature is experimental in 2.1.16, and it is subject to change or to
      become just one of the two...

Changelog:

  New Features

    - There is a new list attribute from_is_list to either rewrite the From:
      header of posts replacing the posters address with that of the list or
      wrap the message in an outer message From: the list for compatability
      with DMARC and or ADSP. There is a new mm_cfg.py setting
      DEFAULT_FROM_IS_LIST to control the default for new lists, and the
      existing REMOVE_DKIM_HEADERS setting has been extended to allow removing
      those headers only for certain from_is_list lists. This feature must
      be enabled by setting ALLOW_FROM_IS_LIST to Yes in mm_cfg.py. See the
      description of these settings in Defaults.py for more detail. This
      feature is experimental in 2.1.16, and it is subject to change or to
      become just one of the two methods in a subsequent release. People
      interested in this feature are encouraged to try it and report their
      experiences to the <email address hidden> list.

    - There is a new DISPLAY_HELD_SUMMARY_SORT_BUTTONS setting which if set
      in mm_cfg.py will display a set of radio buttons in the admindb held
      message summary to select how the held messages are sorted and grouped
      for display. The exact setting determines the default grouping and
      sorting. See the description in Defaults.py for details.

    - Setting digest_size_threshhold to zero now means no digests will be
      sent based on size instead of a digest being sent with every post.
      (LP: #558274)

    - There is a new mm_cfg.py setting SUBSCRIBE_FORM_SECRET which will put
      a dynamically generated, hidden hash in the listinfo subscribe form and
      check it upon submission. Setting this will prevent automated processes
      (bots) from successfully POSTing web subscribes without first retrieving
      and parsing the form from the listinfo page. The form must also be
      submitted no later than FORM_LIFETIME nor no earlier than
      SUBSCRIBE_FORM_MIN_TIME after retrieval. Note that enabling this will
      break any static subscribe forms on your site. See the description in
      Defaults.py for more info. (LP: #1082746)

    - add_members now has an option to add members with mail delivery disabled
      by admin. (LP: #1070574)

    - IncomingRunner now logs rejected messages to the vette log.
      (LP: #1068837)

    - The name of the mailmanctl master lock file is now congigurable via the
      mm_cfg.py setting MASTER_LOCK_FILE. (LP: #1082308)

    - list_lists now has an option to list only lists with public archives.
      (LP: #1082711)

  Contributed programs

    - A new import_majordomo_into_mailman.pl script has been contributed by
      Geoff Mayes. (LP: #1129742)

    - A new "sitemap" bash script has been contributed by Tomasz Chmielewski
      <email address hidden> to generate a sitemap.xml file of an installation's
      public archives for submission to search engines.

  i18n

    - A Farsi (Persian) translation has been added thanks to Javad Hoseini and
      Mahyar Moghimi.

    - Fixed several misspelled or garbled string replacements in the Spanish
      message catalog. (LP: #1160138)

    - pt_BR message catalog has two new and an updated message per Hugo Koji
      Kobayashi. (LP: #1138578)

    - German message catalog has been updated per Ralf Hildebrandt.

    - Corrected typo in templates/it/private.html.

  Bug Fixes and other patches

    - Fixed cron/disabled to send a fresh cookie when notifying disabled
      members. (LP: #1203200)

    - Added "message_id" to the interpolation dictionary for the Article.html
      template. (LP: #725498)

    - Changed the admin GUI to report only the bad entries in a list of email
      addresses if any are bad. (LP: #558253)

    - Added logging for template errors in HyperArch.py. (LP: #558254)

    - Added more explanation to the bad owner address message from
      bin/newlist. (LP: #1200763)

    - Fixed a bug causing the admin web interface to fail CSRF checking if
      the list name contains a '+' character. (LP: #1190802)

    - Fixed bin/mailmanctl -s to not remove the master lock if it can't be
      determined to be truly stale. (LP: #1189558)

    - It is no longer possible to add 'invalid' addresses to the ban_list
      and the *_these_nonmembers filters from the check boxes on the admindb
      interface. (LP: #1187201)

    - Backported recognition for mail.ru DSNs and minor bug fixes from
      lp:flufl.bounce. (LP: #1074592, LP: #1079249 and #1079254)

    - Defended against buggy web servers that don't include an empty
      QUERY_STRING in the CGI environment. (LP: #1160647)

    - The Switchboard.finish() method now logs the text of the exception when
      it fails to unlink/preserve a .bak file. (LP: #1165589)

    - The pending (un)subscriptions waiting approval are now sorted by email
      address in the admindb interface as intended. (LP: #1164160)

    - The subscribe log entry for a bin/add_members subscribe now identifies
      bin/add_members as the source. (LP: #1161642)

    - Fixed a bug where the Subject: of the user notification of a
      bin/remove_members unsubscribe was not in the user's language.
      (LP: #1161445)

    - Fixed a bug where BounceRunner could create and leave behind zero length
      bounce-events files. (LP: #1161610)

    - Added recognition for another Yahoo bounce format. (LP: #1157961)

    - Changed configure's method for getting Python's include directory from
      distutils.sysconfig.get_config_var('CONFINCLUDEPY') to
      distutils.sysconfig.get_python_inc(). (LP: #1098162)

    - Added an Auto-Generated: header to password reminders. (LP: #558240)

    - Fixed a bug where non-ascii characters in the real name in a subscription
      request could throw a UnicodeEncodeError upon subscription approval and
      perhaps in other situations too. (LP: #1047100)

    - The query fragments send_unsub_notifications_to_list_owner and
      send_unsub_ack_to_this_batch will now assume default values if not set
      in mass unsubscribe URLs. (LP: #1032378)

    - Replaced utf-8 encoded characters in newly added German templates with
      HTML entities. (LP: #1018208)

File Description Downloads
download icon mailman-2.1.16rc3.tgz (md5, sig) Mailman 2.1.16rc3 25
last downloaded 19 weeks ago
Total downloads: 25

2.1.16rc2 release from the 2.1 series released

Release information
Release notes:

  New Features

    - There is a new list attribute author_is_list to rewrite the From: header
      of posts replacing the posters address with that of the list for
      compatability with DMARC and or ADSP. There is a new mm_cfg.py setting
      DEFAULT_AUTHOR_IS_LIST to control the default for new lists, and the
      existing REMOVE_DKIM_HEADERS setting has been extended to allow removing
      those headers only for author_is_list = Yes lists. This feature must be
      enabled by setting ALLOW_AUTHOR_IS_LIST to Yes in mm_cfg.py.

    - There is a new DISPLAY_HELD_SUMMARY_SORT_BUTTONS setting which if set
      in mm_cfg.py will display a set of radio buttons in the admindb held
      message summary to select how the held messages are sorted and grouped
      for display. The e...

Changelog:

  New Features

    - There is a new list attribute author_is_list to rewrite the From: header
      of posts replacing the posters address with that of the list for
      compatability with DMARC and or ADSP. There is a new mm_cfg.py setting
      DEFAULT_AUTHOR_IS_LIST to control the default for new lists, and the
      existing REMOVE_DKIM_HEADERS setting has been extended to allow removing
      those headers only for author_is_list = Yes lists. This feature must be
      enabled by setting ALLOW_AUTHOR_IS_LIST to Yes in mm_cfg.py.

    - There is a new DISPLAY_HELD_SUMMARY_SORT_BUTTONS setting which if set
      in mm_cfg.py will display a set of radio buttons in the admindb held
      message summary to select how the held messages are sorted and grouped
      for display. The exact setting determines the default grouping and
      sorting. See the description in Defaults.py for details.

    - Setting digest_size_threshhold to zero now means no digests will be
      sent based on size instead of a digest being sent with every post.
      (LP: #558274)

    - There is a new mm_cfg.py setting SUBSCRIBE_FORM_SECRET which will put
      a dynamically generated, hidden hash in the listinfo subscribe form and
      check it upon submission. Setting this will prevent automated processes
      (bots) from successfully POSTing web subscribes without first retrieving
      and parsing the form from the listinfo page. The form must also be
      submitted no later than FORM_LIFETIME nor no earlier than
      SUBSCRIBE_FORM_MIN_TIME after retrieval. Note that enabling this will
      break any static subscribe forms on your site. See the description in
      Defaults.py for more info. (LP: #1082746)

    - add_members now has an option to add members with mail delivery disabled
      by admin. (LP: #1070574)

    - IncomingRunner now logs rejected messages to the vette log.
      (LP: #1068837)

    - The name of the mailmanctl master lock file is now congigurable via the
      mm_cfg.py setting MASTER_LOCK_FILE. (LP: #1082308)

    - list_lists now has an option to list only lists with public archives.
      (LP: #1082711)

  Contributed programs

    - A new import_majordomo_into_mailman.pl script has been contributed by
      Geoff Mayes. (LP: #1129742)

    - A new "sitemap" bash script has been contributed by Tomasz Chmielewski
      <email address hidden> to generate a sitemap.xml file of an installation's
      public archives for submission to search engines.

  i18n

    - A Farsi (Persian) translation has been added thanks to Javad Hoseini and
      Mahyar Moghimi.

    - Fixed several misspelled or garbled string replacements in the Spanish
      message catalog. (LP: #1160138)

    - pt_BR message catalog has two new and an updated message per Hugo Koji
      Kobayashi. (LP: #1138578)

    - German message catalog has been updated per Ralf Hildebrandt.

    - Corrected typo in templates/it/private.html.

  Bug Fixes and other patches

    - Fixed cron/disabled to send a fresh cookie when notifying disabled
      members. (LP: #1203200)

    - Added "message_id" to the interpolation dictionary for the Article.html
      template. (LP: #725498)

    - Changed the admin GUI to report only the bad entries in a list of email
      addresses if any are bad. (LP: #558253)

    - Added logging for template errors in HyperArch.py. (LP: #558254)

    - Added more explanation to the bad owner address message from
      bin/newlist. (LP: #1200763)

    - Fixed a bug causing the admin web interface to fail CSRF checking if
      the list name contains a '+' character. (LP: #1190802)

    - Fixed bin/mailmanctl -s to not remove the master lock if it can't be
      determined to be truly stale. (LP: #1189558)

    - It is no longer possible to add 'invalid' addresses to the ban_list
      and the *_these_nonmembers filters from the check boxes on the admindb
      interface. (LP: #1187201)

    - Backported recognition for mail.ru DSNs and minor bug fixes from
      lp:flufl.bounce. (LP: #1074592, LP: #1079249 and #1079254)

    - Defended against buggy web servers that don't include an empty
      QUERY_STRING in the CGI environment. (LP: #1160647)

    - The Switchboard.finish() method now logs the text of the exception when
      it fails to unlink/preserve a .bak file. (LP: #1165589)

    - The pending (un)subscriptions waiting approval are now sorted by email
      address in the admindb interface as intended. (LP: #1164160)

    - The subscribe log entry for a bin/add_members subscribe now identifies
      bin/add_members as the source. (LP: #1161642)

    - Fixed a bug where the Subject: of the user notification of a
      bin/remove_members unsubscribe was not in the user's language.
      (LP: #1161445)

    - Fixed a bug where BounceRunner could create and leave behind zero length
      bounce-events files. (LP: #1161610)

    - Added recognition for another Yahoo bounce format. (LP: #1157961)

    - Changed configure's method for getting Python's include directory from
      distutils.sysconfig.get_config_var('CONFINCLUDEPY') to
      distutils.sysconfig.get_python_inc(). (LP: #1098162)

    - Added an Auto-Generated: header to password reminders. (LP: #558240)

    - Fixed a bug where non-ascii characters in the real name in a subscription
      request could throw a UnicodeEncodeError upon subscription approval and
      perhaps in other situations too. (LP: #1047100)

    - The query fragments send_unsub_notifications_to_list_owner and
      send_unsub_ack_to_this_batch will now assume default values if not set
      in mass unsubscribe URLs. (LP: #1032378)

    - Replaced utf-8 encoded characters in newly added German templates with
      HTML entities. (LP: #1018208)

File Description Downloads
download icon mailman-2.1.16rc2.tgz (md5, sig) Mailman 2.1.16rc2 71
last downloaded 19 weeks ago
Total downloads: 71

2.1.16rc1 release from the 2.1 series released

Release information
Release notes:

2.1.16rc1 (14-Aug-2013)

  New Features

    - Setting digest_size_threshhold to zero now means no digests will be
      sent based on size instead of a digest being sent with every post.
      (LP: #558274)

    - There is a new mm_cfg.py setting SUBSCRIBE_FORM_SECRET which will put
      a dynamically generated, hidden hash in the listinfo subscribe form and
      check it upon submission. Setting this will prevent automated processes
      (bots) from successfully POSTing web subscribes without first retrieving
      and parsing the form from the listinfo page. The form must also be
      submitted no later than FORM_LIFETIME nor no earlier than
      SUBSCRIBE_FORM_MIN_TIME after retrieval. Note that enabling this will
      break any static subscribe forms on your site. See the...

Changelog:

2.1.16rc1 (14-Aug-2013)

  New Features

    - Setting digest_size_threshhold to zero now means no digests will be
      sent based on size instead of a digest being sent with every post.
      (LP: #558274)

    - There is a new mm_cfg.py setting SUBSCRIBE_FORM_SECRET which will put
      a dynamically generated, hidden hash in the listinfo subscribe form and
      check it upon submission. Setting this will prevent automated processes
      (bots) from successfully POSTing web subscribes without first retrieving
      and parsing the form from the listinfo page. The form must also be
      submitted no later than FORM_LIFETIME nor no earlier than
      SUBSCRIBE_FORM_MIN_TIME after retrieval. Note that enabling this will
      break any static subscribe forms on your site. See the description in
      Defaults.py for more info. (LP: #1082746)

    - add_members now has an option to add members with mail delivery disabled
      by admin. (LP: #1070574)

    - IncomingRunner now logs rejected messages to the vette log.
      (LP: #1068837)

    - The name of the mailmanctl master lock file is now congigurable via the
      mm_cfg.py setting MASTER_LOCK_FILE. (LP: #1082308)

    - list_lists now has an option to list only lists with public archives.
      (LP: #1082711)

  Contributed programs

    - A new import_majordomo_into_mailman.pl script has been contributed by
      Geoff Mayes. (LP: #1129742)

    - A new "sitemap" bash script has been contributed by Tomasz Chmielewski
      <email address hidden> to generate a sitemap.xml file of an installation's
      public archives for submission to search engines.

  i18n

    - A Farsi (Persian) translation has been added thanks to Javad Hoseini and
      Mahyar Moghimi.

    - Fixed several misspelled or garbled string replacements in the Spanish
      message catalog. (LP: #1160138)

    - pt_BR message catalog has two new and an updated message per Hugo Koji
      Kobayashi. (LP: #1138578)

    - German message catalog has been updated per Ralf Hildebrandt.

    - Corrected typo in templates/it/private.html.

  Bug Fixes and other patches

    - Added "message_id" to the interpolation dictionary for the Article.html
      template. (LP: #725498)

    - Changed the admin GUI to report only the bad entries in a list of email
      addresses if any are bad. (LP: #558253)

    - Added logging for template errors in HyperArch.py. (LP: #558254)

    - Added more explanation to the bad owner address message from
      bin/newlist. (LP: #1200763)

    - Fixed a bug causing the admin web interface to fail CSRF checking if
      the list name contains a '+' character. (LP: #1190802)

    - Fixed bin/mailmanctl -s to not remove the master lock if it can't be
      determined to be truly stale. (LP: #1189558)

    - It is no longer possible to add 'invalid' addresses to the ban_list
      and the *_these_nonmembers filters from the check boxes on the admindb
      interface. (LP: #1187201)

    - Backported recognition for mail.ru DSNs and minor bug fixes from
      lp:flufl.bounce. (LP: #1074592, LP: #1079249 and #1079254)

    - Defended against buggy web servers that don't include an empty
      QUERY_STRING in the CGI environment. (LP: #1160647)

    - The Switchboard.finish() method now logs the text of the exception when
      it fails to unlink/preserve a .bak file. (LP: #1165589)

    - The pending (un)subscriptions waiting approval are now sorted by email
      address in the admindb interface as intended. (LP: #1164160)

    - The subscribe log entry for a bin/add_members subscribe now identifies
      bin/add_members as the source. (LP: #1161642)

    - Fixed a bug where the Subject: of the user notification of a
      bin/remove_members unsubscribe was not in the user's language.
      (LP: #1161445)

    - Fixed a bug where BounceRunner could create and leave behind zero length
      bounce-events files. (LP: #1161610)

    - Added recognition for another Yahoo bounce format. (LP: #1157961)

    - Changed configure's method for getting Python's include directory from
      distutils.sysconfig.get_config_var('CONFINCLUDEPY') to
      distutils.sysconfig.get_python_inc(). (LP: #1098162)

    - Added an Auto-Generated: header to password reminders. (LP: #558240)

    - Fixed a bug where non-ascii characters in the real name in a subscription
      request could throw a UnicodeEncodeError upon subscription approval and
      perhaps in other situations too. (LP: #1047100)

    - The query fragments send_unsub_notifications_to_list_owner and
      send_unsub_ack_to_this_batch will now assume default values if not set
      in mass unsubscribe URLs. (LP: #1032378)

    - Replaced utf-8 encoded characters in newly added German templates with
      HTML entities. (LP: #1018208)

File Description Downloads
download icon mailman-2.1.16rc1.tgz (md5, sig) Mailman 2.1.16rc1 32
last downloaded 6 weeks ago
Total downloads: 32

2.1.15 release from the 2.1 series released

Release information
Release notes:

This is the final release of Mailman 2.1.15. It has security fixes, new features and bug fixes. Please see the Changelog for details.

Changelog:

  Security

    - Strengthened the validation of email addresses.

    - An XSS vulnerability, CVE-2011-0707, has been fixed.

    - The web admin interface has been hardened against CSRF attacks by adding
      a hidden, encrypted token with a time stamp to form submissions and not
      accepting authentication by cookie if the token is missing, invalid or
      older than the new mm_cfg.py setting FORM_LIFETIME which defaults to one
      hour. Posthumous thanks go to Tokio Kikuchi for this implementation
      which is only one of his many contributions to Mailman prior to his
      death from cancer on 14 January 2012.

  New Features

    - Added a password reminder button to the private archive login page.
      Backported from the 2.2 branch.

    - There is a new list attribute regular_exclude_ignore set from mm_cfg.py
      DEFAULT_REGULAR_EXCLUDE_IGNORE. This defaults to True even though the
      prior behavior is equivalent to False. A True setting will ignore an
      exclude list if the poster is not a member of that list. The False
      setting can result in list members not receiving posts if the nonmember
      post is not accepted by the exclude list. Backported from 2.2 branch.

    - Eliminated the list cache from the qrunners. Indirect self-references
      caused lists to never be dropped from the cache which in turn caused
      the qrunners to grow very large in installations with many lists or
      multiple large lists. Bug #862683.

    - The user options 'list my other subscriptions' page now indicates for
      each list if the subscription is 'nomail' or 'digest'. Bug #793669.

    - A new list poster password has been implemented. This password may only
      be used in Approved: or X-Approved: headers for pre-approving posts.
      Using this password for that purpose precludes compromise of a more
      valuable password sent in plain text email. Bug #770581.

    - A new mm_cfg.py setting AUTHENTICATION_COOKIE_LIFETIME has been added.
      If this is set to a non-zero value, web authentication cookies will
      expire that many seconds following their last use. Its default value is
      zero to preserve current behavior.

    - A new mm_cfg.py setting RESPONSE_INCLUDE_LEVEL has been added to control
      how much of the original message is included in automatic responses to
      email commands. The default is 2 to preserve the prior behavior of
      including the full message. Setting this to 1 in mm_cfg.py will include
      only the original headers, and 0 will include none of the original. It
      is recommended to set this to 0 in mm_cfg.py to minimize the effects of
      backscatter. Bug #265835.

    - A new mm_cfg.py setting DEFAULT_RESPOND_TO_POST_REQUESTS has been added
      to control the default for respond_to_post_requests for new lists. It is
      set to Yes for backwards compatibility, but it is recommended that
      serious consideration be given to setting it to No. Bug #266051.

    - A new mm_cfg.py setting DISCARD_MESSAGE_WITH_NO_COMMAND has been added to
      control whether a message to the -request address without any commands or
      a message to -confirm whose To: address doesn't match VERP_CONFIRM_REGEXP
      is responded to or just logged. It defaults to Yes which is different
      from prior behavior. Bug #410236.

    - Two new mm_cfg.py settings, BROKEN_BROWSER_WORKAROUND and
      BROKEN_BROWSER_REPLACEMENTS, have been added to control escaping of
      additional characters beyond the standard <, >, &, and " in the web UI.
      See the documentation of these settings in Defaults.py. The default
      values for these settings result in no change from the prior release.
      Bug #774588.

  i18n

    - Added some missing German templates from Egon Frerich.

    - Added Greek translation from Antonis Limperis.

    - A few errors in the Basque translation are fixed. Bug #836861.

    - Fixed a misspelling in the German invite.txt template. Bug #815444.

    - Fixed a missing format character in the Spanish translation.
      Bug #670988.

    - Thanks go to the following for updating translations for the changes in
      this release.
        Thijs Kinkhorst
        Stefan Förster
        Fabian Wenk

  Bug Fixes and other patches

    - Fixed a bug that could send an admin notice of a held subscription with
      the subject in the user's preferred language instead of the list's
      preferred language and possibly not properly RFC 2047 encoded.
      (LP: #998949)

    - Fixed a possible CPU bound loop in OutgoingRunner if the attempt to
      Connect to the SMTP server throws a socket.error. (LP: #966531)

    - Fixed a potential crash in the web UI if a language is removed from the
      LC_DESCRIPTIONS dictionary. (LP: #966565)

    - Added an Auto-Submitted: header to invitations and (un)subscription
      confirmation requests to reduce the possibility of an autoresponder
      confirming the request. (LP: #265831)

    - Added javascript to the private.html and admlogin.html templates to
      focus the cursor on the entry field. (LP: #266054)

    - Added CPPFLAGS and LDFLAGS to src/Makefile to support their use.
      (LP: #637652)

    - Stopped removing the trailing slash from the List-Archive: header URL.
      (LP: #964190)

    - A configured version of contrib/courier-to-mailman.py is now created in
      build/contrib/courier-to-mailman.py. (LP: #999250)

    - Subscription disabled warnings are now sent without a Precedence:
      header. Bug #808821.

    - Backported 2.2 branch fix for a problem in SpamDetect.py that could
      cause header_filter_rules to fail to match RFC 2047 encoded headers.

    - Fix for bug #629738 could cause a crash in the admindb details display
      if the decoded message body contained characters not in the character
      set of the list's preferred language. Fixed. Bug #910440.

    - Added recognition for another Qmail bounce format.

    - Fixed an erroneous seek in the Mailman.Mailbox.Mailbox.AppendMessage
      method that could cause a corrupt mailbox for files opened 'w+'.
      Bug #901957.

    - A held message with a null sender caused a crash in the admindb
      interface. This is fixed by changing the sender to <missing>.
      Bug #897103.

    - Changed subject prefixing to allow for possible whitespace between an
      'Re' and the following colon when determining how to add the prefix.
      Bug #893290.

    - Fixed a problem where topics regexps would not match RFC 2047 encoded
      Keywords: and/or Subject: headers. Bug #891676.

    - Fixed misleading response to an email approval of a held message.
      Bug #889968.

    - Added masthead.txt to the list of templates that can be edited via the
      web admin interface. Bug #266805.

    - Changed the way digest_footer is added to the RFC 1153 (plain) format
      digest for RFC compliance. Bug #887610.

    - Fixed cron/checkdbs to report unsubscriptions waiting approval.
      Bug #873821.

    - The fix for BUG #266220 (sf1181161) has been enhanced so that if there
      is a pathological HTML part such that the Approved: password text isn't
      found, but it is found after stripping out HTML tags, the post is
      rejected with an informative message.

    - A bug that would cause reset of any new_member_options bits other than
      the four displayed as checkboxes on the list admin General Options page
      whenever the page was updated or bin/config_list attempted to update
      new_member_options has been fixed. Bug #865825.

    - A problem with the logic avoiding unnecessarily reloading a current list
      object from the config.pck arises if the list is updated by another
      process within the same second that it was last read/written. That can
      cause the reading of latest version of the list to be skipped. This has
      been fixed. Bug #862675.

    - Fixed bin/export.py to accept case insensitive password schemes.
      Bug #833134.

    - Added Tokio Kikuchi's icons to the misc/ and installed icons/
      directories. Bug #782474.

    - Fixed a problem which could result in raw, undecoded message bodies
      appearing in plain digests and archives. Bug #787790.

    - Fixed a problem in admindb.py where the character set for the display of
      the message body excerpt was not correctly determined. Bug #779751.

    - Prevented setting user passwords with leading/trailing whitespace.
      Bug #778088.

    - Mailman now sets the 'secure' flag in cookies set via https URLs.
      Bug #770377.

    - Added a logout link to the admindb interface and made both admin and
      admindb logout effective for a site admin cookie if allowed.
      Bug #769318.

    - Replaced the old Mailman logos and icon that install to Mailman's icons
      directory with the new ones. If you copy these elsewhere on your
      server, please copy these new ones.

    - Changed bin/genaliases to only call the POSTFIX_*_CMD commands once when
      MTA = 'Postfix'. Bug #266408.

    - Added a report of the affected members to the warnings issued when
      setting a list with digest members digestable=No and when setting a list
      with non-digest members nondigestable=no. Bug #761232.

    - Fixed a problem where content filtering could remove the headers from
      an attached message/rfc822 part if the message in that part is
      multipart/alternative and collapse_alternatives is Yes. Bug #757062.

    - Changed the subscribe CGI to strip leading and trailing whitespace from
      the supplied email address. Bug #745432.

    - Changed the maximum number of arguments for the who command to be
      considered administrivia from 2 to 1 to help avoid false positives.
      Bug #739524.

    - Added the list name as 'display-name' in added Sender: headers to help
      mitigate Outlook et al 'on behalf of' displays. Bug #736849.

    - Fixed a typo in the usage() definition cron/gate_news. Bug #721015.

    - Fixed an uncaught KeyError when poster tries to cancel a post which was
      already handled. Bug #266224.

    - Held message user notifications now come From: list-owner instead of
      list-bounces. Bug #714424.

    - Issue an HTTP 404 status for private archive file not found.

    - @listname entries in *_these_nonmembers are no longer case sensitive.
      Bug #705715.

    - Changed bin/rmlist to also remove heldmsg files for the removed list and
      fixed a problem with removal of stale locks for the list. Bug #700528.

    - Fixed a bug where content filtering could leave a multipart message or
      part with just one sub-part. These should be recast to just the sub-part.
      Bug #701558.

    - Fixed a bug that could erroneously handle posts from addresses in
      *_these_nonmembers and send held/rejected notices to bogus addresses when
      The From or other sender header is RFC 2047 encoded. Bug #702516.

    - Updated contrib/mm-handler-2.1.10 to better handle lists with names that
      look like admin addresses. Bug #697161.

    - Added bounce recognition for a bogus Dovecot MDN. Bug #693134.

    - Fixed a problem where an emailed command in the Subject: header with a
      non-ascii l10n of an 'Re:' prefix is ignored. Bug #685261.

    - Fixed a problem with approving a post by email when the body of the
      approval mail is base64 encoded. Bug #677115.

    - Fixed the host name in the From: address of the owner notification from
      bin/add_members. Bug #666181.

File Description Downloads
download icon mailman-2.1.15.tgz (md5, sig) Mailman 2.1.15 final release 971
last downloaded 4 weeks ago
Total downloads: 971

2.1.15rc1 release from the 2.1 series released

Release information
Release notes:

This is the first release candidate for Mailman 2.1.15. It has security fixes, new features and bug fixes.

See the Changelog for details

Changelog:

2.1.15rc1 (15-May-2012)

  Security

    - Strengthened the validation of email addresses.

    - An XSS vulnerability, CVE-2011-0707, has been fixed.

    - The web admin interface has been hardened against CSRF attacks by adding
      a hidden, encrypted token with a time stamp to form submissions and not
      accepting authentication by cookie if the token is missing, invalid or
      older than the new mm_cfg.py setting FORM_LIFETIME which defaults to one
      hour. Posthumous thanks go to Tokio Kikuchi for this implementation
      which is only one of his many contributions to Mailman prior to his
      death from cancer on 14 January 2012.

  New Features

    - Added a password reminder button to the private archive login page.
      Backported from the 2.2 branch.

    - There is a new list attribute regular_exclude_ignore set from mm_cfg.py
      DEFAULT_REGULAR_EXCLUDE_IGNORE. This defaults to True even though the
      prior behavior is equivalent to False. A True setting will ignore an
      exclude list if the poster is not a member of that list. The False
      setting can result in list members not receiving posts if the nonmember
      post is not accepted by the exclude list. Backported from 2.2 branch.

    - Eliminated the list cache from the qrunners. Indirect self-references
      caused lists to never be dropped from the cache which in turn caused
      the qrunners to grow very large in installations with many lists or
      multiple large lists. Bug #862683.

    - The user options 'list my other subscriptions' page now indicates for
      each list if the subscription is 'nomail' or 'digest'. Bug #793669.

    - A new list poster password has been implemented. This password may only
      be used in Approved: or X-Approved: headers for pre-approving posts.
      Using this password for that purpose precludes compromise of a more
      valuable password sent in plain text email. Bug #770581.

    - A new mm_cfg.py setting AUTHENTICATION_COOKIE_LIFETIME has been added.
      If this is set to a non-zero value, web authentication cookies will
      expire that many seconds following their last use. Its default value is
      zero to preserve current behavior.

    - A new mm_cfg.py setting RESPONSE_INCLUDE_LEVEL has been added to control
      how much of the original message is included in automatic responses to
      email commands. The default is 2 to preserve the prior behavior of
      including the full message. Setting this to 1 in mm_cfg.py will include
      only the original headers, and 0 will include none of the original. It
      is recommended to set this to 0 in mm_cfg.py to minimize the effects of
      backscatter. Bug #265835.

    - A new mm_cfg.py setting DEFAULT_RESPOND_TO_POST_REQUESTS has been added
      to control the default for respond_to_post_requests for new lists. It is
      set to Yes for backwards compatibility, but it is recommended that
      serious consideration be given to setting it to No. Bug #266051.

    - A new mm_cfg.py setting DISCARD_MESSAGE_WITH_NO_COMMAND has been added to
      control whether a message to the -request address without any commands or
      a message to -confirm whose To: address doesn't match VERP_CONFIRM_REGEXP
      is responded to or just logged. It defaults to Yes which is different
      from prior behavior. Bug #410236.

    - Two new mm_cfg.py settings, BROKEN_BROWSER_WORKAROUND and
      BROKEN_BROWSER_REPLACEMENTS, have been added to control escaping of
      additional characters beyond the standard <, >, &, and " in the web UI.
      See the documentation of these settings in Defaults.py. The default
      values for these settings result in no change from the prior release.
      Bug #774588.

  i18n

    - Added some missing German templates from Egon Frerich.

    - Added Greek translation from Antonis Limperis.

    - A few errors in the Basque translation are fixed. Bug #836861.

    - Fixed a misspelling in the German invite.txt template. Bug #815444.

    - Fixed a missing format character in the Spanish translation.
      Bug #670988.

    - Thanks go to the following for updating translations for the changes in
      this release.
        Thijs Kinkhorst
        Stefan Förster
        Fabian Wenk

  Bug Fixes and other patches

    - Fixed a bug that could send an admin notice of a held subscription with
      the subject in the user's preferred language instead of the list's
      preferred language and possibly not properly RFC 2047 encoded.
      (LP: #998949)

    - Fixed a possible CPU bound loop in OutgoingRunner if the attempt to
      Connect to the SMTP server throws a socket.error. (LP: #966531)

    - Fixed a potential crash in the web UI if a language is removed from the
      LC_DESCRIPTIONS dictionary. (LP: #966565)

    - Added an Auto-Submitted: header to invitations and (un)subscription
      confirmation requests to reduce the possibility of an autoresponder
      confirming the request. (LP: #265831)

    - Added javascript to the private.html and admlogin.html templates to
      focus the cursor on the entry field. (LP: #266054)

    - Added CPPFLAGS and LDFLAGS to src/Makefile to support their use.
      (LP: #637652)

    - Stopped removing the trailing slash from the List-Archive: header URL.
      (LP: #964190)

    - A configured version of contrib/courier-to-mailman.py is now created in
      build/contrib/courier-to-mailman.py. (LP: #999250)

    - Subscription disabled warnings are now sent without a Precedence:
      header. Bug #808821.

    - Backported 2.2 branch fix for a problem in SpamDetect.py that could
      cause header_filter_rules to fail to match RFC 2047 encoded headers.

    - Fix for bug #629738 could cause a crash in the admindb details display
      if the decoded message body contained characters not in the character
      set of the list's preferred language. Fixed. Bug #910440.

    - Added recognition for another Qmail bounce format.

    - Fixed an erroneous seek in the Mailman.Mailbox.Mailbox.AppendMessage
      method that could cause a corrupt mailbox for files opened 'w+'.
      Bug #901957.

    - A held message with a null sender caused a crash in the admindb
      interface. This is fixed by changing the sender to <missing>.
      Bug #897103.

    - Changed subject prefixing to allow for possible whitespace between an
      'Re' and the following colon when determining how to add the prefix.
      Bug #893290.

    - Fixed a problem where topics regexps would not match RFC 2047 encoded
      Keywords: and/or Subject: headers. Bug #891676.

    - Fixed misleading response to an email approval of a held message.
      Bug #889968.

    - Added masthead.txt to the list of templates that can be edited via the
      web admin interface. Bug #266805.

    - Changed the way digest_footer is added to the RFC 1153 (plain) format
      digest for RFC compliance. Bug #887610.

    - Fixed cron/checkdbs to report unsubscriptions waiting approval.
      Bug #873821.

    - The fix for BUG #266220 (sf1181161) has been enhanced so that if there
      is a pathological HTML part such that the Approved: password text isn't
      found, but it is found after stripping out HTML tags, the post is
      rejected with an informative message.

    - A bug that would cause reset of any new_member_options bits other than
      the four displayed as checkboxes on the list admin General Options page
      whenever the page was updated or bin/config_list attempted to update
      new_member_options has been fixed. Bug #865825.

    - A problem with the logic avoiding unnecessarily reloading a current list
      object from the config.pck arises if the list is updated by another
      process within the same second that it was last read/written. That can
      cause the reading of latest version of the list to be skipped. This has
      been fixed. Bug #862675.

    - Fixed bin/export.py to accept case insensitive password schemes.
      Bug #833134.

    - Added Tokio Kikuchi's icons to the misc/ and installed icons/
      directories. Bug #782474.

    - Fixed a problem which could result in raw, undecoded message bodies
      appearing in plain digests and archives. Bug #787790.

    - Fixed a problem in admindb.py where the character set for the display of
      the message body excerpt was not correctly determined. Bug #779751.

    - Prevented setting user passwords with leading/trailing whitespace.
      Bug #778088.

    - Mailman now sets the 'secure' flag in cookies set via https URLs.
      Bug #770377.

    - Added a logout link to the admindb interface and made both admin and
      admindb logout effective for a site admin cookie if allowed.
      Bug #769318.

    - Replaced the old Mailman logos and icon that install to Mailman's icons
      directory with the new ones. If you copy these elsewhere on your
      server, please copy these new ones.

    - Changed bin/genaliases to only call the POSTFIX_*_CMD commands once when
      MTA = 'Postfix'. Bug #266408.

    - Added a report of the affected members to the warnings issued when
      setting a list with digest members digestable=No and when setting a list
      with non-digest members nondigestable=no. Bug #761232.

    - Fixed a problem where content filtering could remove the headers from
      an attached message/rfc822 part if the message in that part is
      multipart/alternative and collapse_alternatives is Yes. Bug #757062.

    - Changed the subscribe CGI to strip leading and trailing whitespace from
      the supplied email address. Bug #745432.

    - Changed the maximum number of arguments for the who command to be
      considered administrivia from 2 to 1 to help avoid false positives.
      Bug #739524.

    - Added the list name as 'display-name' in added Sender: headers to help
      mitigate Outlook et al 'on behalf of' displays. Bug #736849.

    - Fixed a typo in the usage() definition cron/gate_news. Bug #721015.

    - Fixed an uncaught KeyError when poster tries to cancel a post which was
      already handled. Bug #266224.

    - Held message user notifications now come From: list-owner instead of
      list-bounces. Bug #714424.

    - Issue an HTTP 404 status for private archive file not found.

    - @listname entries in *_these_nonmembers are no longer case sensitive.
      Bug #705715.

    - Changed bin/rmlist to also remove heldmsg files for the removed list and
      fixed a problem with removal of stale locks for the list. Bug #700528.

    - Fixed a bug where content filtering could leave a multipart message or
      part with just one sub-part. These should be recast to just the sub-part.
      Bug #701558.

    - Fixed a bug that could erroneously handle posts from addresses in
      *_these_nonmembers and send held/rejected notices to bogus addresses when
      The From or other sender header is RFC 2047 encoded. Bug #702516.

    - Updated contrib/mm-handler-2.1.10 to better handle lists with names that
      look like admin addresses. Bug #697161.

    - Added bounce recognition for a bogus Dovecot MDN. Bug #693134.

    - Fixed a problem where an emailed command in the Subject: header with a
      non-ascii l10n of an 'Re:' prefix is ignored. Bug #685261.

    - Fixed a problem with approving a post by email when the body of the
      approval mail is base64 encoded. Bug #677115.

    - Fixed the host name in the From: address of the owner notification from
      bin/add_members. Bug #666181.

File Description Downloads
download icon mailman-2.1.15rc1.tgz (md5, sig) GNU Mailman 2.1.15rc1 85
last downloaded 13 days ago
Total downloads: 85

2.1.14 release from the 2.1 series released

Release information
Release notes:

2.1.14 (20-Sep-2010)

  Security

    - Two potential XSS vulnerabilities have been identified and fixed.

  New Features

    - A new feature for controlling the addition/replacement of the Sender:
      header in outgoing mail has been implemented. This allows a list owner
      to set include_sender_header on the list's General Options page in the
      admin GUI. The default for this setting is Yes which preserves the prior
      behavior of removing any pre-existing Sender: and setting it to the
      list's -bounces address. Setting this to No stops Mailman from adding or
      modifying the Sender: at all.

      Additionally, there is a new Defaults.py/mm_cfg.py setting
      ALLOW_SENDER_OVERRIDES which defaults to Yes but which can be set to No
      to remove the include_s...

Changelog:

2.1.14 (20-Sep-2010)

  Security

    - Two potential XSS vulnerabilities have been identified and fixed.

  New Features

    - A new feature for controlling the addition/replacement of the Sender:
      header in outgoing mail has been implemented. This allows a list owner
      to set include_sender_header on the list's General Options page in the
      admin GUI. The default for this setting is Yes which preserves the prior
      behavior of removing any pre-existing Sender: and setting it to the
      list's -bounces address. Setting this to No stops Mailman from adding or
      modifying the Sender: at all.

      Additionally, there is a new Defaults.py/mm_cfg.py setting
      ALLOW_SENDER_OVERRIDES which defaults to Yes but which can be set to No
      to remove the include_sender_header setting from General Options, and
      thus preserve the prior behavior completely.

    - Bounce processing has been enhanced so that if a bounce is returned to a
      list from a non-member who is a member of a regular_include_list, the
      bounce will be processed as a bounce for the included list.

  i18n

    - Fixed a missing format character in the German bin/mailmanctl docstring.

    - Updated Dutch translation from Jan Veuger.

    - Updated Japanese Translation from Tokio Kikuchi.

    - Updated Finnish translation from Joni Töyrylä.

    - Made a few corrections to some Polish templates. Bug #566731.

    - Made a minor change to the Chinese (China) message catalog. Bug #545772.

    - Changed a few DOCTYPE directives in templates for compliance.
      Bug #500952 and Bug #500955.

  Bug Fixes and other patches

    - Made minor wording improvements and typo corrections in some messages.
      Bug #426979.

    - Fixed i18n._() to catch exceptions due to bad formats. Bug #632660.

    - Fixed admindb interface to decode base64 and quoted-printable encoded
      message body excerpts for display. Bug #629738.

    - Fixed web CGI tracebacks to properly report sys.path. Bug #615114.

    - Changed the member options login page unsubscribe request to include the
      requesters IP address in the confirmation request. Bug #610527.

    - Changed fix_url to lock the list if not locked. Bug #610364.

    - Made a minor change to the English subscribeack.txt (welcome message)
      template to emphasize that a password is only required to unsubscribe
      *without confirmation*.

    - Fixed an issue in admindb that could result in a KeyError and "we hit a
      bug" response when a moderator acts on a post that had been handled by
      someone else after the first moderator had retrieved it. Bug #598671.

    - Fixed a bug which would fail to show a list on the admin and listinfo
      overview pages if its web_page_url contained a :port. Bug # 597741.

    - Fixed bin/genaliases to not throw TypeError when MTA = None.
      Bug #587657.

    - Provided the ability to specify in mm_cfg.py a local domain (e.g.
      'localhost') for the local addresses in the generated virtual-mailman
      when MTA = 'Postfix'. See VIRTUAL_MAILMAN_LOCAL_DOMAIN in Defaults.py.
      Bug #328907.

    - Made a minor change to the removal of an Approved: pseudo-header from
      a text/html alternative to allow for an inserted '\xA0' before the
      password.

    - Fixed Content Filtering collapse_alternatives to work on deeply nested
      multipart/alternative parts. Bug #576675.

    - We now accept/remove X-Approved: and X-Approve: headers in addition to
      Approved: and Approve: for pre-approving posts. Bug #557750.

    - Reordered the 'cancel' and 'subscribe' buttons on the subscription
      confirmation web page so the default action upon 'enter' will be the
      subscribe button in browsers that pick the first button. Bug #530654.

    - Fixed a bug in the admindb interface that could apply a moderator
      action to a message not displayed. Bug #533468.

    - Added a traceback to the log message produced when processing the
      digest.mbox throws an exception.

    - Added a urlhost argument to the MailList.MailList.Create() method to
      allow bin/newlist and the the create CGI to pass urlhost so the host
      will be correct in the listinfo link on the emptyarchive page.
      Bug #529100.

    - Added the List-Post header to the default list of headers retained in
      messages in the MIME digest. Bug #526143.

    - When daemonizing mailmanctl, we now ensure terminal files are closed.

    - Fixed a bug in pipermail archiving that caused fallback threading by
      subject to fail. Bug #266572.

    - We now give an HTTP 401 status for authentication failures from admin,
      admindb, private, options and roster CGIs, and an HTTP 404 status from
      all the CGIs for an invalid list name.

    - Backported the listinfo template change from the 2.2 branch to fix
      Bug #514050.

    - Fixed a bug where going to an archives/private/list.mbox/list.mbox URL
      would result in a munged URL if authentication was required. Bug #266164.

    - Fixed a bug where check_perms would throw an OSError if an entry in
      Mailman's lists/ directory was not a directory. Bug #265613.

    - Fixed a bug where a message with an Approved: header held by a handler
      that precedes Approve (SpamDetect by default) would not have the
      Approved: header removed if the held message was approved. Bug #501739.

File Description Downloads
download icon mailman-2.1.14-1.tgz (md5, sig) 2.1.14 plus one security patch 1,293
last downloaded 2 weeks ago
download icon mailman-2.1.14.tgz (md5, sig) Mailman 2.1.14 872
last downloaded 19 weeks ago
Total downloads: 2,165

2.1.14rc1 release from the 2.1 series released

Release information
Release notes:

  Security

    - Two potential XSS vulnerabilities have been identified and fixed.

  New Features

    - A new feature for controlling the addition/replacement of the Sender:
      header in outgoing mail has been implemented. This allows a list owner
      to set include_sender_header on the list's General Options page in the
      admin GUI. The default for this setting is Yes which preserves the prior
      behavior of removing any pre-existing Sender: and setting it to the
      list's -bounces address. Setting this to No stops Mailman from adding or
      modifying the Sender: at all.

      Additionally, there is a new Defaults.py/mm_cfg.py setting
      ALLOW_SENDER_OVERRIDES which defaults to Yes but which can be set to No
      to remove the include_sender_header setting f...

Changelog:

2.1.14rc1 (9-Sep-2010)

  Security

    - Two potential XSS vulnerabilities have been identified and fixed.

  New Features

    - A new feature for controlling the addition/replacement of the Sender:
      header in outgoing mail has been implemented. This allows a list owner
      to set include_sender_header on the list's General Options page in the
      admin GUI. The default for this setting is Yes which preserves the prior
      behavior of removing any pre-existing Sender: and setting it to the
      list's -bounces address. Setting this to No stops Mailman from adding or
      modifying the Sender: at all.

      Additionally, there is a new Defaults.py/mm_cfg.py setting
      ALLOW_SENDER_OVERRIDES which defaults to Yes but which can be set to No
      to remove the include_sender_header setting from General Options, and
      thus preserve the prior behavior completely.

    - Bounce processing has been enhanced so that if a bounce is returned to a
      list from a non-member who is a member of a regular_include_list, the
      bounce will be processed as a bounce for the included list.

  i18n

    - Fixed a missing format character in the German bin/mailmanctl docstring.

    - Updated Dutch translation from Jan Veuger.

    - Updated Japanese Translation from Tokio Kikuchi.

    - Updated Finnish translation from Joni Töyrylä.

    - Made a few corrections to some Polish templates. Bug #566731.

    - Made a minor change to the Chinese (China) message catalog. Bug #545772.

    - Changed a few DOCTYPE directives in templates for compliance.
      Bug #500952 and Bug #500955.

  Bug Fixes and other patches

    - Fixed i18n._() to catch exceptions due to bad formats. Bug #632660.

    - Fixed admindb interface to decode base64 and quoted-printable encoded
      message body excerpts for display. Bug #629738.

    - Fixed web CGI tracebacks to properly report sys.path. Bug #615114.

    - Changed the member options login page unsubscribe request to include the
      requesters IP address in the confirmation request. Bug #610527.

    - Changed fix_url to lock the list if not locked. Bug #610364.

    - Made a minor change to the English subscribeack.txt (welcome message)
      template to emphasize that a password is only required to unsubscribe
      *without confirmation*.

    - Fixed an issue in admindb that could result in a KeyError and "we hit a
      bug" response when a moderator acts on a post that had been handled by
      someone else after the first moderator had retrieved it. Bug #598671.

    - Fixed a bug which would fail to show a list on the admin and listinfo
      overview pages if its web_page_url contained a :port. Bug # 597741.

    - Fixed bin/genaliases to not throw TypeError when MTA = None.
      Bug #587657.

    - Provided the ability to specify in mm_cfg.py a local domain (e.g.
      'localhost') for the local addresses in the generated virtual-mailman
      when MTA = 'Postfix'. See VIRTUAL_MAILMAN_LOCAL_DOMAIN in Defaults.py.
      Bug #328907.

    - Made a minor change to the removal of an Approved: pseudo-header from
      a text/html alternative to allow for an inserted '\xA0' before the
      password.

    - Fixed Content Filtering collapse_alternatives to work on deeply nested
      multipart/alternative parts. Bug #576675.

    - We now accept/remove X-Approved: and X-Approve: headers in addition to
      Approved: and Approve: for pre-approving posts. Bug #557750.

    - Reordered the 'cancel' and 'subscribe' buttons on the subscription
      confirmation web page so the default action upon 'enter' will be the
      subscribe button in browsers that pick the first button. Bug #530654.

    - Fixed a bug in the admindb interface that could apply a moderator
      action to a message not displayed. Bug #533468.

    - Added a traceback to the log message produced when processing the
      digest.mbox throws an exception.

    - Added a urlhost argument to the MailList.MailList.Create() method to
      allow bin/newlist and the the create CGI to pass urlhost so the host
      will be correct in the listinfo link on the emptyarchive page.
      Bug #529100.

    - Added the List-Post header to the default list of headers retained in
      messages in the MIME digest. Bug #526143.

    - When daemonizing mailmanctl, we now ensure terminal files are closed.

    - Fixed a bug in pipermail archiving that caused fallback threading by
      subject to fail. Bug #266572.

    - We now give an HTTP 401 status for authentication failures from admin,
      admindb, private, options and roster CGIs, and an HTTP 404 status from
      all the CGIs for an invalid list name.

    - Backported the listinfo template change from the 2.2 branch to fix
      Bug #514050.

    - Fixed a bug where going to an archives/private/list.mbox/list.mbox URL
      would result in a munged URL if authentication was required. Bug #266164.

    - Fixed a bug where check_perms would throw an OSError if an entry in
      Mailman's lists/ directory was not a directory. Bug #265613.

    - Fixed a bug where a message with an Approved: header held by a handler
      that precedes Approve (SpamDetect by default) would not have the
      Approved: header removed if the held message was approved. Bug #501739.

File Description Downloads
download icon mailman-2.1.14rc1.tgz (md5, sig) Mailman 2.1.14rc1 108
last downloaded 19 weeks ago
Total downloads: 108

2.1.13 release from the 2.1 series released

Release information
Release notes:

I am happy to announce the final release of Mailman 2.1.13.

Mailman 2.1.13 is a bug fix release and contains a new localization for
the Asturian language.

Python 2.4 is the minimum supported, but Python 2.5.or 2.6 is recommended.

Mailman is free software for managing email mailing lists and
e-newsletters. Mailman is used for all the python.org and
SourceForge.net mailing lists, as well as at hundreds of other sites.

For more information, please see:

http://www.list.org
http://www.gnu.org/software/mailman

Mailman 2.1.13 can be downloaded from

https://launchpad.net/mailman/2.1/
http://ftp.gnu.org/gnu/mailman/

Changelog:

  i18n

    - Updated Dutch message catalog from Jan Veuger.

    - Added Asturian translation from Marcos Costales and the Asturian
      Language Team.

  Bug Fixes and other patches

    - Added "white-space: pre-wrap" style for <pre> tag in archives.
      Bug #266467.

    - Added vette logging for rejected and discarded (un)subscribe requests.

    - Fixed a bug in admindb.py that could erroneously discard an unsubscribe
      request as a duplicate.

    - Decoded RFC 2047 encoded message subjects for a few reports.
      Bug #266428.

    - Fixed the French, Spanish and Hebrew translations which improperly
      translated the 'coding:' line in bin/config_list output.

    - Fixed the auto-responder to treat messages to -confirm, -join, -leave,
      -subscribe and -unsubscribe as requests rather than posts. Bug #427962.

    - Configure/make no longer builds Japanese and Korean codecs in
      pythonlib if Python already has them.

    - Inadvertently setting a null site or list password allowed access
      to a list's web admin interface without authentication. Fixed by
      not accepting null passwords.

    - Changed VERP_CONFIRM_REGEXP in Defaults.py to work if the replying
      MUA folds the To: header and in cases where the list name includes '+'.

    - Fixed some paths in contrib/check_perms_grsecurity.py. Bug #411192.

    - Replies to commands sent to list-request now come From: list-owner
      instead of list-bounces.

    - Mailman no longer folds long sub-part headers in multipart messages.
      In addition, Mailman no longer escapes From_ lines in the body of
      messages sent to regular list members, although MTA's may do it anyway.
      This is to avoid breaking signatures per Bug #265967.

    - XSS protection in the web interface went too far in escaping HTML
      entities. Fixed.

    - Removed or anonymized additional headers in posts to anonymous lists.

    - Fixed a bug that could cause incorrect threading of replies to archived
      messages that arrive with timestamps in the same second.

    - Scrubbed HTML attachments containing tab characters would get the tabs
      replaced by a string of '&nbsp' without a semicolon. Fixed.

    - Caught a TypeError in content filtering, collapse alternatives that
      occurred with a malformed message if a multipart/alternative part
      wasn't multi-part. Reported in comments to bug #266230.

    - Fixed a few things in bin/update:
      - Changed some old messages for more current meaning.
      - Fixed qfiles update to not lose metadata from 2.1.5+ format entries.
      - Fixed 2.0.x template migration to not die if the templates/ tree
        contains subdirectories from a version control system.

    - Fixed a bug that would show a list on the admin and listinfo overview
      pages if its web_page_url host contained the current host as a
      substring. Bug #342162.

    - Fixed a bug in Utils.canonstr() that would throw a UnicodeDecodeError
      if the string contained an HTML entity > 255 and also characters in the
      128-255 range. Bug #341594.

    - Added recognition for more bounces.

    - Updated contrib/mmdsr to report preserved messages and to use mktemp to
      create temp files.

File Description Downloads
download icon mailman-2.1.13.tgz (md5, sig) Mailman 2.1.13 final 1,316
last downloaded 8 days ago
Total downloads: 1,316

3140 of 70 releases FirstLast