2.1.28 (23-Jul-2018)

  Security
 
    - A content spoofing vulnerability with invalid list name messages in
      the web UI has been fixed.  CVE-2018-13796  (LP: #1780874)

  New Features

    - It is now possible to edit HTML and text templates via the web admin
      UI in a supported language other than the list's preferred_language.
      Thanks to Yasuhito FUTATSUKI.

  i18n

    - The Japanese translation has been updated by Yasuhito FUTATSUKI.

    - The German translation has been updated by Ralf Hildebrandt.

    - The Esperanto translation has been updated by Rubén Fernández Asensio.

  Bug fixes and other patches

    - The BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE feature added in 2.1.27 was
      not working.  This is fixed.  (LP: #1779774)

    - Escaping of HTML entities for the web UI is now done more selectively.
      (LP: #1779445)