GNU Mailman 2.1.26
Milestone information
- Project:
- GNU Mailman
- Series:
- 2.1
- Version:
- 2.1.26
- Released:
- Registrant:
- Mark Sapiro
- Release registered:
- Active:
- Yes. Drivers can target bugs and blueprints to this milestone.
Activities
- Assigned to you:
- No blueprints or bugs assigned to you.
- Assignees:
- 7 Mark Sapiro
- Blueprints:
- No blueprints are targeted to this milestone.
- Bugs:
- 7 Fix Released
Download files for this release
Release notes
2.1.26 (04-Feb-2018)
Security
- An XSS vulnerability in the user options CGI could allow a crafted URL
to execute arbitrary javascript in a user's browser. A related issue
could expose information on a user's options page without requiring
login. These are fixed. Thanks to Calum Hutton for the report.
CVE-2018-5950 (LP: #1747209)
New Features
- Thanks to David Siebörger who adapted an existing patch by Andrea
Veri to use Google reCAPTCHA v2 there is now the ability to add
reCAPTCHA to the listinfo subscribe form. There are two new mm_cfg.py
settings for RECAPTCHA_SITE_KEY and RECAPTCHA_
for which you obtain for your domain(s) from Google at
<https:/
- Thanks to Lindsay Haisley, there is a new bin/mailman-config command
to display various information about this Mailman version and how it
was configured.
i18n
- The Japanese message catalog has been updated for added strings by
Yasuhito FUTATSUKI.
- The German translation of a couple of templates has been updated by
Thomas Hochstein.
- The Japanese translation of Defaults.py.in has been updated by
Yasuhito FUTATSUKI.
Changelog
0 blueprints and 7 bugs targeted
Bug report | Importance | Assignee | Status | |||
---|---|---|---|---|---|---|
1747209 | #1747209 | XSS vulnerability and information leak in user options CGI | 3 High | Mark Sapiro | 10 Fix Released | |
1737371 | #1737371 | Show which header_filter_rules regexp matched in the hold reason. | 4 Medium | Mark Sapiro | 10 Fix Released | |
1746189 | #1746189 | wrong usage of _() in Mailman/Cgi/subscribe.py | 4 Medium | Mark Sapiro | 10 Fix Released | |
1729472 | #1729472 | The DELIVERY_RETRY_WAIT setting is ignored | 5 Low | Mark Sapiro | 10 Fix Released | |
1734162 | #1734162 | OSError in Mailman/MTA/Postfix.py when updating maps. | 5 Low | Mark Sapiro | 10 Fix Released | |
1740543 | #1740543 | Mailman 2.1.22+ requires Python 2.7 | 5 Low | Mark Sapiro | 10 Fix Released | |
1744739 | #1744739 | 2.1.25 login based pages not working with uwsgi | 5 Low | Mark Sapiro | 10 Fix Released |