GNU Mailman 2.1.28
Milestone information
- Project:
- GNU Mailman
- Series:
- 2.1
- Version:
- 2.1.28
- Released:
- Registrant:
- Mark Sapiro
- Release registered:
- Active:
- Yes. Drivers can target bugs and blueprints to this milestone.
Activities
- Assigned to you:
- No blueprints or bugs assigned to you.
- Assignees:
- 3 Mark Sapiro
- Blueprints:
- No blueprints are targeted to this milestone.
- Bugs:
- 3 Fix Released
Download files for this release
Release notes
2.1.28 (23-Jul-2018)
Security
- A content spoofing vulnerability with invalid list name messages in
the web UI has been fixed. CVE-2018-13796 (LP: #1780874)
New Features
- It is now possible to edit HTML and text templates via the web admin
UI in a supported language other than the list's preferred_language.
Thanks to Yasuhito FUTATSUKI.
i18n
- The Japanese translation has been updated by Yasuhito FUTATSUKI.
- The German translation has been updated by Ralf Hildebrandt.
- The Esperanto translation has been updated by Rub�n Fern�ndez Asensio.
Bug fixes and other patches
- The BLOCK_SPAMHAUS_
not working. This is fixed. (LP: #1779774)
- Escaping of HTML entities for the web UI is now done more selectively.
(LP: #1779445)
Changelog
This release does not have a changelog.
0 blueprints and 3 bugs targeted
Bug report | Importance | Assignee | Status | |||
---|---|---|---|---|---|---|
1779445 | #1779445 | edithtml.py saves en templates using html entity reference with raw iso-8859-1 character | 4 Medium | Mark Sapiro | 10 Fix Released | |
1779774 | #1779774 | The BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE feature doesn't work. | 4 Medium | Mark Sapiro | 10 Fix Released | |
1780874 | #1780874 | Arbitrary text injection vulnerability in Mailman CGIs | 5 Low | Mark Sapiro | 10 Fix Released |