GNU Mailman 2.1.14

2.1 Stable bug fix release

Milestone information

Project:
GNU Mailman
Series:
2.1
Version:
2.1.14
Released:
2010-09-20  
Registrant:
Mark Sapiro
Release registered:
2010-09-20
Active:
No. Drivers cannot target bugs and blueprints to this milestone.  

Download RDF metadata

Activities

Assigned to you:
No blueprints or bugs assigned to you.
Assignees:
19 Mark Sapiro
Blueprints:
No blueprints are targeted to this milestone.
Bugs:
19 Fix Released

Download files for this release

After you've downloaded a file, you can verify its authenticity using its MD5 sum or signature. (How do I verify a download?)

File Description Downloads
download icon mailman-2.1.14-1.tgz (md5, sig) 2.1.14 plus one security patch 1,176
last downloaded 4 days ago
download icon mailman-2.1.14.tgz (md5, sig) Mailman 2.1.14 812
last downloaded 2 weeks ago
Total downloads: 1,988

Release notes 

2.1.14 (20-Sep-2010)

  Security

    - Two potential XSS vulnerabilities have been identified and fixed.

  New Features

    - A new feature for controlling the addition/replacement of the Sender:
      header in outgoing mail has been implemented. This allows a list owner
      to set include_sender_header on the list's General Options page in the
      admin GUI. The default for this setting is Yes which preserves the prior
      behavior of removing any pre-existing Sender: and setting it to the
      list's -bounces address. Setting this to No stops Mailman from adding or
      modifying the Sender: at all.

      Additionally, there is a new Defaults.py/mm_cfg.py setting
      ALLOW_SENDER_OVERRIDES which defaults to Yes but which can be set to No
      to remove the include_sender_header setting from General Options, and
      thus preserve the prior behavior completely.

    - Bounce processing has been enhanced so that if a bounce is returned to a
      list from a non-member who is a member of a regular_include_list, the
      bounce will be processed as a bounce for the included list.

Changelog 

View the full changelog

2.1.14 (20-Sep-2010)

  Security

    - Two potential XSS vulnerabilities have been identified and fixed.

  New Features

    - A new feature for controlling the addition/replacement of the Sender:
      header in outgoing mail has been implemented. This allows a list owner
      to set include_sender_header on the list's General Options page in the
      admin GUI. The default for this setting is Yes which preserves the prior
      behavior of removing any pre-existing Sender: and setting it to the
      list's -bounces address. Setting this to No stops Mailman from adding or
      modifying the Sender: at all.

      Additionally, there is a new Defaults.py/mm_cfg.py setting
      ALLOW_SENDER_OVERRIDES which defaults to Yes but which can be set to No
      to remove the include_sender_header setting from General Options, and
      thus preserve the prior behavior completely.

    - Bounce processing has been enhanced so that if a bounce is returned to a
      list from a non-member who is a member of a regular_include_list, the
      bounce will be processed as a bounce for the included list.

  i18n

    - Fixed a missing format character in the German bin/mailmanctl docstring.

    - Updated Dutch translation from Jan Veuger.

    - Updated Japanese Translation from Tokio Kikuchi.

    - Updated Finnish translation from Joni Töyrylä.

    - Made a few corrections to some Polish templates. Bug #566731.

    - Made a minor change to the Chinese (China) message catalog. Bug #545772.

    - Changed a few DOCTYPE directives in templates for compliance.
      Bug #500952 and Bug #500955.

  Bug Fixes and other patches

    - Made minor wording improvements and typo corrections in some messages.
      Bug #426979.

    - Fixed i18n._() to catch exceptions due to bad formats. Bug #632660.

    - Fixed admindb interface to decode base64 and quoted-printable encoded
      message body excerpts for display. Bug #629738.

    - Fixed web CGI tracebacks to properly report sys.path. Bug #615114.

    - Changed the member options login page unsubscribe request to include the
      requesters IP address in the confirmation request. Bug #610527.

    - Changed fix_url to lock the list if not locked. Bug #610364.

    - Made a minor change to the English subscribeack.txt (welcome message)
      template to emphasize that a password is only required to unsubscribe
      *without confirmation*.

    - Fixed an issue in admindb that could result in a KeyError and "we hit a
      bug" response when a moderator acts on a post that had been handled by
      someone else after the first moderator had retrieved it. Bug #598671.

    - Fixed a bug which would fail to show a list on the admin and listinfo
      overview pages if its web_page_url contained a :port. Bug # 597741.

    - Fixed bin/genaliases to not throw TypeError when MTA = None.
      Bug #587657.

    - Provided the ability to specify in mm_cfg.py a local domain (e.g.
      'localhost') for the local addresses in the generated virtual-mailman
      when MTA = 'Postfix'. See VIRTUAL_MAILMAN_LOCAL_DOMAIN in Defaults.py.
      Bug #328907.

    - Made a minor change to the removal of an Approved: pseudo-header from
      a text/html alternative to allow for an inserted '\xA0' before the
      password.

    - Fixed Content Filtering collapse_alternatives to work on deeply nested
      multipart/alternative parts. Bug #576675.

    - We now accept/remove X-Approved: and X-Approve: headers in addition to
      Approved: and Approve: for pre-approving posts. Bug #557750.

    - Reordered the 'cancel' and 'subscribe' buttons on the subscription
      confirmation web page so the default action upon 'enter' will be the
      subscribe button in browsers that pick the first button. Bug #530654.

    - Fixed a bug in the admindb interface that could apply a moderator
      action to a message not displayed. Bug #533468.

    - Added a traceback to the log message produced when processing the
      digest.mbox throws an exception.

    - Added a urlhost argument to the MailList.MailList.Create() method to
      allow bin/newlist and the the create CGI to pass urlhost so the host
      will be correct in the listinfo link on the emptyarchive page.
      Bug #529100.

    - Added the List-Post header to the default list of headers retained in
      messages in the MIME digest. Bug #526143.

    - When daemonizing mailmanctl, we now ensure terminal files are closed.

    - Fixed a bug in pipermail archiving that caused fallback threading by
      subject to fail. Bug #266572.

    - We now give an HTTP 401 status for authentication failures from admin,
      admindb, private, options and roster CGIs, and an HTTP 404 status from
      all the CGIs for an invalid list name.

    - Backported the listinfo template change from the 2.2 branch to fix
      Bug #514050.

    - Fixed a bug where going to an archives/private/list.mbox/list.mbox URL
      would result in a munged URL if authentication was required. Bug #266164.

    - Fixed a bug where check_perms would throw an OSError if an entry in
      Mailman's lists/ directory was not a directory. Bug #265613.

    - Fixed a bug where a message with an Approved: header held by a handler
      that precedes Approve (SpamDetect by default) would not have the
      Approved: header removed if the held message was approved. Bug #501739.

0 blueprints and 19 bugs targeted

Bug report Importance Assignee Status
266824 #266824 Add option to remove Sender header 4 Medium Mark Sapiro  10 Fix Released
533468 #533468 admindb interface applies action to not yet seen messages from user. 4 Medium Mark Sapiro  10 Fix Released
597741 #597741 Lists missing from listinfo and admin overviews if host contains :port. 4 Medium Mark Sapiro  10 Fix Released
598671 #598671 KeyError in admindb when acting on a previously handled post. 4 Medium Mark Sapiro  10 Fix Released
610527 #610527 Unsubscribe confirmation from options login page should include IP address. 4 Medium Mark Sapiro  10 Fix Released
629738 #629738 admindb details doesn't decode message body. 4 Medium Mark Sapiro  10 Fix Released
632660 #632660 Errors in interpolation formats in strings can cause shunted messages. 4 Medium Mark Sapiro  10 Fix Released
328907 #328907 Simple patch to make genaliases explicitly vmap to @localhost 5 Low Mark Sapiro  10 Fix Released
526143 #526143 List-Post header should be retained in MIME digest messages 5 Low Mark Sapiro  10 Fix Released
529100 #529100 Initial 'emptyarchive' page can have wrong host name in listinfo page link 5 Low Mark Sapiro  10 Fix Released
530654 #530654 Active button on /cgi-bin/mailman/confirm is 'cancel' 5 Low Mark Sapiro  10 Fix Released
545772 #545772 An error in Simplified Chinese translation 5 Low Mark Sapiro  10 Fix Released
566731 #566731 there are some misspellings in Polish language templates 5 Low Mark Sapiro  10 Fix Released
587657 #587657 bin/genaliases throws TypeError if MTA = None. 5 Low Mark Sapiro  10 Fix Released
590155 #590155 extraneous line of code 5 Low Mark Sapiro  10 Fix Released
610364 #610364 fix_url won't save list as no Lock 5 Low Mark Sapiro  10 Fix Released
615114 #615114 CGI driver script mis-reports sys.path in tracebacks 5 Low Mark Sapiro  10 Fix Released
426979 #426979 Mistakes in mailman strings. 1 Undecided Mark Sapiro  10 Fix Released
557750 #557750 Mailman should honor X-Approve and X-Approved 1 Undecided Mark Sapiro  10 Fix Released
This milestone contains Public information
Everyone can see this information.