I've released Mailman 2.1.1 which includes many bug fixes and language updates. This release includes a fix for the cross-site scripting vulnerability, a fix for the cookie problem, any many other bugs. I recommend that all Mailman 2.1 users upgrade to this release.
As usual, I've made both a full source tarball and a patch file available. See
http://sourceforge.net/project/showfiles.php?group_id=103
for links to download all the patches and the source tarballs. If you decide to install the patches, please do read the release notes first:
http://sourceforge.net/project/shownotes.php?release_id=97760
Note that applying the patch does /not/ completely update the language support. If you go the patch route, you will want to cd into the messages directory and run "make catalogs" before installing. This will only work if your OS has the necessary language tools installed. You don't need to do this if your lists are all English-only.
If you have a problem, please download and install the full release. It is safe to install this over version 2.1. You can simply run configure the way you did for 2.1, then do a make install. Be sure you restart your mailman daemon by doing a "mailmanctl restart" after installing.
See also:
http://www.gnu.org/software/mailman
http://www.list.org
http://mailman.sf.net
Cheers, -Barry
-------------------- snip snip -------------------- 2.1.1 (08-Feb-2003)
Lots of bug fixes and language updates. Also:
- Closed a cross-site scripting vulnerability in the user options page.
- Restore the ability to control which headers show up in messages
included in plaintext and MIME digests. See the variables
PLAIN_DIGEST_KEEP_HEADERS and MIME_DIGEST_KEEP_HEADERS in
Defaults.py.
- Messages included in the plaintext digests are now sent through
the scrubber to remove (and archive) attachments. Otherwise,
attachments would screw up plaintext digests. MIME digests
include the attachments inline.
participants (1)
-
barry@python.org