GNU Mailman 2.1.15

Milestone information

GNU Mailman
Mark Sapiro
Release registered:
Yes. Drivers can target bugs and blueprints to this milestone.  

Download RDF metadata


Assigned to you:
No blueprints or bugs assigned to you.
49 Mark Sapiro
No blueprints are targeted to this milestone.
50 Fix Released

Download files for this release

After you've downloaded a file, you can verify its authenticity using its MD5 sum or signature. (How do I verify a download?)

File Description Downloads
download icon mailman-2.1.15.tgz (md5, sig) Mailman 2.1.15 final release 959
last downloaded today
Total downloads: 959

Release notes 

This is the final release of Mailman 2.1.15. It has security fixes, new features and bug fixes. Please see the Changelog for details.


View the full changelog


    - Strengthened the validation of email addresses.

    - An XSS vulnerability, CVE-2011-0707, has been fixed.

    - The web admin interface has been hardened against CSRF attacks by adding
      a hidden, encrypted token with a time stamp to form submissions and not
      accepting authentication by cookie if the token is missing, invalid or
      older than the new setting FORM_LIFETIME which defaults to one
      hour. Posthumous thanks go to Tokio Kikuchi for this implementation
      which is only one of his many contributions to Mailman prior to his
      death from cancer on 14 January 2012.

  New Features

    - Added a password reminder button to the private archive login page.
      Backported from the 2.2 branch.

    - There is a new list attribute regular_exclude_ignore set from
      DEFAULT_REGULAR_EXCLUDE_IGNORE. This defaults to True even though the
      prior behavior is equivalent to False. A True setting will ignore an
      exclude list if the poster is not a member of that list. The False
      setting can result in list members not receiving posts if the nonmember
      post is not accepted by the exclude list. Backported from 2.2 branch.

    - Eliminated the list cache from the qrunners. Indirect self-references
      caused lists to never be dropped from the cache which in turn caused
      the qrunners to grow very large in installations with many lists or
      multiple large lists. Bug #862683.

    - The user options 'list my other subscriptions' page now indicates for
      each list if the subscription is 'nomail' or 'digest'. Bug #793669.

    - A new list poster password has been implemented. This password may only
      be used in Approved: or X-Approved: headers for pre-approving posts.
      Using this password for that purpose precludes compromise of a more
      valuable password sent in plain text email. Bug #770581.

    - A new setting AUTHENTICATION_COOKIE_LIFETIME has been added.
      If this is set to a non-zero value, web authentication cookies will
      expire that many seconds following their last use. Its default value is
      zero to preserve current behavior.

    - A new setting RESPONSE_INCLUDE_LEVEL has been added to control
      how much of the original message is included in automatic responses to
      email commands. The default is 2 to preserve the prior behavior of
      including the full message. Setting this to 1 in will include
      only the original headers, and 0 will include none of the original. It
      is recommended to set this to 0 in to minimize the effects of
      backscatter. Bug #265835.

    - A new setting DEFAULT_RESPOND_TO_POST_REQUESTS has been added
      to control the default for respond_to_post_requests for new lists. It is
      set to Yes for backwards compatibility, but it is recommended that
      serious consideration be given to setting it to No. Bug #266051.

    - A new setting DISCARD_MESSAGE_WITH_NO_COMMAND has been added to
      control whether a message to the -request address without any commands or
      a message to -confirm whose To: address doesn't match VERP_CONFIRM_REGEXP
      is responded to or just logged. It defaults to Yes which is different
      from prior behavior. Bug #410236.

    - Two new settings, BROKEN_BROWSER_WORKAROUND and
      BROKEN_BROWSER_REPLACEMENTS, have been added to control escaping of
      additional characters beyond the standard <, >, &, and " in the web UI.
      See the documentation of these settings in The default
      values for these settings result in no change from the prior release.
      Bug #774588.


    - Added some missing German templates from Egon Frerich.

    - Added Greek translation from Antonis Limperis.

    - A few errors in the Basque translation are fixed. Bug #836861.

    - Fixed a misspelling in the German invite.txt template. Bug #815444.

    - Fixed a missing format character in the Spanish translation.
      Bug #670988.

    - Thanks go to the following for updating translations for the changes in
      this release.
        Thijs Kinkhorst
        Stefan Förster
        Fabian Wenk

  Bug Fixes and other patches

    - Fixed a bug that could send an admin notice of a held subscription with
      the subject in the user's preferred language instead of the list's
      preferred language and possibly not properly RFC 2047 encoded.
      (LP: #998949)

    - Fixed a possible CPU bound loop in OutgoingRunner if the attempt to
      Connect to the SMTP server throws a socket.error. (LP: #966531)

    - Fixed a potential crash in the web UI if a language is removed from the
      LC_DESCRIPTIONS dictionary. (LP: #966565)

    - Added an Auto-Submitted: header to invitations and (un)subscription
      confirmation requests to reduce the possibility of an autoresponder
      confirming the request. (LP: #265831)

    - Added javascript to the private.html and admlogin.html templates to
      focus the cursor on the entry field. (LP: #266054)

    - Added CPPFLAGS and LDFLAGS to src/Makefile to support their use.
      (LP: #637652)

    - Stopped removing the trailing slash from the List-Archive: header URL.
      (LP: #964190)

    - A configured version of contrib/ is now created in
      build/contrib/ (LP: #999250)

    - Subscription disabled warnings are now sent without a Precedence:
      header. Bug #808821.

    - Backported 2.2 branch fix for a problem in that could
      cause header_filter_rules to fail to match RFC 2047 encoded headers.

    - Fix for bug #629738 could cause a crash in the admindb details display
      if the decoded message body contained characters not in the character
      set of the list's preferred language. Fixed. Bug #910440.

    - Added recognition for another Qmail bounce format.

    - Fixed an erroneous seek in the Mailman.Mailbox.Mailbox.AppendMessage
      method that could cause a corrupt mailbox for files opened 'w+'.
      Bug #901957.

    - A held message with a null sender caused a crash in the admindb
      interface. This is fixed by changing the sender to <missing>.
      Bug #897103.

    - Changed subject prefixing to allow for possible whitespace between an
      'Re' and the following colon when determining how to add the prefix.
      Bug #893290.

    - Fixed a problem where topics regexps would not match RFC 2047 encoded
      Keywords: and/or Subject: headers. Bug #891676.

    - Fixed misleading response to an email approval of a held message.
      Bug #889968.

    - Added masthead.txt to the list of templates that can be edited via the
      web admin interface. Bug #266805.

    - Changed the way digest_footer is added to the RFC 1153 (plain) format
      digest for RFC compliance. Bug #887610.

    - Fixed cron/checkdbs to report unsubscriptions waiting approval.
      Bug #873821.

    - The fix for BUG #266220 (sf1181161) has been enhanced so that if there
      is a pathological HTML part such that the Approved: password text isn't
      found, but it is found after stripping out HTML tags, the post is
      rejected with an informative message.

    - A bug that would cause reset of any new_member_options bits other than
      the four displayed as checkboxes on the list admin General Options page
      whenever the page was updated or bin/config_list attempted to update
      new_member_options has been fixed. Bug #865825.

    - A problem with the logic avoiding unnecessarily reloading a current list
      object from the config.pck arises if the list is updated by another
      process within the same second that it was last read/written. That can
      cause the reading of latest version of the list to be skipped. This has
      been fixed. Bug #862675.

    - Fixed bin/ to accept case insensitive password schemes.
      Bug #833134.

    - Added Tokio Kikuchi's icons to the misc/ and installed icons/
      directories. Bug #782474.

    - Fixed a problem which could result in raw, undecoded message bodies
      appearing in plain digests and archives. Bug #787790.

    - Fixed a problem in where the character set for the display of
      the message body excerpt was not correctly determined. Bug #779751.

    - Prevented setting user passwords with leading/trailing whitespace.
      Bug #778088.

    - Mailman now sets the 'secure' flag in cookies set via https URLs.
      Bug #770377.

    - Added a logout link to the admindb interface and made both admin and
      admindb logout effective for a site admin cookie if allowed.
      Bug #769318.

    - Replaced the old Mailman logos and icon that install to Mailman's icons
      directory with the new ones. If you copy these elsewhere on your
      server, please copy these new ones.

    - Changed bin/genaliases to only call the POSTFIX_*_CMD commands once when
      MTA = 'Postfix'. Bug #266408.

    - Added a report of the affected members to the warnings issued when
      setting a list with digest members digestable=No and when setting a list
      with non-digest members nondigestable=no. Bug #761232.

    - Fixed a problem where content filtering could remove the headers from
      an attached message/rfc822 part if the message in that part is
      multipart/alternative and collapse_alternatives is Yes. Bug #757062.

    - Changed the subscribe CGI to strip leading and trailing whitespace from
      the supplied email address. Bug #745432.

    - Changed the maximum number of arguments for the who command to be
      considered administrivia from 2 to 1 to help avoid false positives.
      Bug #739524.

    - Added the list name as 'display-name' in added Sender: headers to help
      mitigate Outlook et al 'on behalf of' displays. Bug #736849.

    - Fixed a typo in the usage() definition cron/gate_news. Bug #721015.

    - Fixed an uncaught KeyError when poster tries to cancel a post which was
      already handled. Bug #266224.

    - Held message user notifications now come From: list-owner instead of
      list-bounces. Bug #714424.

    - Issue an HTTP 404 status for private archive file not found.

    - @listname entries in *_these_nonmembers are no longer case sensitive.
      Bug #705715.

    - Changed bin/rmlist to also remove heldmsg files for the removed list and
      fixed a problem with removal of stale locks for the list. Bug #700528.

    - Fixed a bug where content filtering could leave a multipart message or
      part with just one sub-part. These should be recast to just the sub-part.
      Bug #701558.

    - Fixed a bug that could erroneously handle posts from addresses in
      *_these_nonmembers and send held/rejected notices to bogus addresses when
      The From or other sender header is RFC 2047 encoded. Bug #702516.

    - Updated contrib/mm-handler-2.1.10 to better handle lists with names that
      look like admin addresses. Bug #697161.

    - Added bounce recognition for a bogus Dovecot MDN. Bug #693134.

    - Fixed a problem where an emailed command in the Subject: header with a
      non-ascii l10n of an 'Re:' prefix is ignored. Bug #685261.

    - Fixed a problem with approving a post by email when the body of the
      approval mail is base64 encoded. Bug #677115.

    - Fixed the host name in the From: address of the owner notification from
      bin/add_members. Bug #666181.

0 blueprints and 50 bugs targeted

Bug report Importance Assignee Status
265835 #265835 held message notice options 3 High Mark Sapiro  10 Fix Released
410236 #410236 mailman responds to mail with no valid command 3 High Mark Sapiro  10 Fix Released
265831 #265831 Autoreplies confirm subscription invitations 4 Medium Mark Sapiro  10 Fix Released
266051 #266051 respond_to_post_requests is not configurable but should be 4 Medium Mark Sapiro  10 Fix Released
266054 #266054 Focus form entry onload in admlogin.html 4 Medium Mark Sapiro  10 Fix Released
266220 #266220 Approved: only removed from text/plain part 4 Medium Mark Sapiro  10 Fix Released
266408 #266408 genaliases on Postfix is inefficient and can cause bounces 4 Medium Mark Sapiro  10 Fix Released
670988 #670988 Missing format character in Spanish translation 4 Medium Mark Sapiro  10 Fix Released
677115 #677115 Reply to to part 3 of a held message notification containing a Approved: first body line fails if reply is base64 encoded. 4 Medium Mark Sapiro  10 Fix Released
701558 #701558 Content filtering leaves a single sub-part in a multipart message. 4 Medium Mark Sapiro  10 Fix Released
702516 #702516 RFC 2047 encoded From: header is not correctly parsed. 4 Medium Mark Sapiro  10 Fix Released
736849 #736849 Sender header change to improve Outlook 4 Medium Mark Sapiro  10 Fix Released
769318 #769318 admindb should have 'logout' function 4 Medium Mark Sapiro  10 Fix Released
770377 #770377 Mailman should set the 'secure' cookie flag when accessed via https 4 Medium Mark Sapiro  10 Fix Released
774588 #774588 recent change in Utils.websafe() breaks Japanese (and other double-byte language) texts 4 Medium Mark Sapiro  10 Fix Released
779751 #779751 admindb fail to find message charset 4 Medium Mark Sapiro  10 Fix Released
787790 #787790 Scrubber can return raw message body for multipart message 4 Medium Mark Sapiro  10 Fix Released
815444 #815444 typo in german invite.txt 'einzutragenn' 4 Medium Mark Sapiro  10 Fix Released
836861 #836861 Errors in Basque i18n. 4 Medium Mark Sapiro  10 Fix Released
865825 #865825 Undisplayed new_member_options bits are reset whenever the General Options page is submitted. 4 Medium Mark Sapiro  10 Fix Released
889968 #889968 Response to email approval of held message is misleading 4 Medium Mark Sapiro  10 Fix Released
891676 #891676 topics don't work with national(russian) languages 4 Medium Mark Sapiro  10 Fix Released
910440 #910440 Admindb interface can crash with a UnicodeDecodeError when displaying held message contents. 4 Medium Mark Sapiro  10 Fix Released
966531 #966531 OutgoingRunner consumes 100% cpu 4 Medium Mark Sapiro  10 Fix Released
998949 #998949 Admin notice of held subscription is not fully in list's preferred language. 4 Medium Mark Sapiro  10 Fix Released
266224 #266224 Bug if bounced message canceled after being discarded 5 Low Mark Sapiro  10 Fix Released
666181 #666181 wrong From field in subscription notification to admin 5 Low Mark Sapiro  10 Fix Released
693134 #693134 Uncaught bounce from Dovecot when Quota Exceeded 5 Low Mark Sapiro  10 Fix Released
697161 #697161 Bug in mm-handler-2.1.10 regarding lists named xxx-admin 5 Low Mark Sapiro  10 Fix Released
700528 #700528 bin/rmlist does not remove the heldmsg-LISTNAME-* files for the list. 5 Low Mark Sapiro  10 Fix Released
705715 #705715 @listname entries in *_these_nonmembers are case sensitive. 5 Low Mark Sapiro  10 Fix Released
721015 #721015 Typo in cron/gate_news usage() definition. 5 Low Mark Sapiro  10 Fix Released
739524 #739524 Administrivia 'who' matches too much 5 Low Mark Sapiro  10 Fix Released
745432 #745432 Email address with leading or trailing space is not accepted by web subscribe. 5 Low Mark Sapiro  10 Fix Released
757062 #757062 Content filtering can remove the headers from a message/rfc822 part. 5 Low Mark Sapiro  10 Fix Released
761232 #761232 Warnings when setting a list with digest members digestable=No or with non-digest members nondigestable=No do not identify affected members. 5 Low Mark Sapiro  10 Fix Released
833134 #833134 The password scheme for bin/ is case sensitive. 5 Low Mark Sapiro  10 Fix Released
862683 #862683 List caching in the qrunners can cause the processes to grow unduly large. 5 Low Mark Sapiro  10 Fix Released
873821 #873821 cron/checkdbs doesn't report unsubscribe requests 5 Low Mark Sapiro  10 Fix Released
893290 #893290 "Re:" matching not liberal enough 5 Low Mark Sapiro  10 Fix Released
897103 #897103 Crash when moderating messages with empty sender address 5 Low Mark Sapiro  10 Fix Released
901957 #901957 Mailman.Mailbox.Mailbox.AppendMessage method can add null bytes to mailbox. 5 Low Mark Sapiro  10 Fix Released
919479 #919479 incorrect example in List Administration Manual 2.1 5 Low Mark Sapiro  10 Fix Released
964190 #964190 Trailing slash is stripped from List-Archive: URL 5 Low Mark Sapiro  10 Fix Released
966565 #966565 Web UI crashes on list with 'removed' language. 5 Low Mark Sapiro  10 Fix Released
999250 #999250 Minor fixes in to mailman 2 re. 5 Low Mark Sapiro  10 Fix Released
266805 #266805 Digest header / masthead.txt changes 6 Wishlist Mark Sapiro  10 Fix Released
637652 #637652 mailman should respect LDFLAGS 6 Wishlist Mark Sapiro  10 Fix Released
770581 #770581 The list admin or moderator password can be compromised by sending in an Approved: header 6 Wishlist Mark Sapiro  10 Fix Released
793669 #793669 feature request. change the 'list my other subscriptions' to also report if the other subscriptions are enabled or disabled 1 Undecided   10 Fix Released
This milestone contains Public information
Everyone can see this information.