Mailman 3 June 2011 - Mailman-coders

[Bug 774588] [NEW] recent change in Utils.websafe() breaks Japanese (and other double-byte language) texts
by Tokio Kikuchi 15 Jun '12

15 Jun '12

Public bug reported: Utils.websafe() escapes characters like < and >. Recent change in this function added 8bit characters like \xbc and \xbe as 'dangerous' characters. This breaks Japanese text display because they appear as a part of double-byte characters. Because these characters are only 'dangerous' for old browsers, I suggest reverting the change or at least making configurable whether the site administrator apply changes or not. ** Affects: mailman Importance: Undecided Status: New -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/774588 Title: recent change in Utils.websafe() breaks Japanese (and other double- byte language) texts

2 3

[Bug 770377] [NEW] Mailman should set the 'secure' cookie flag when accessed via https
by Ward Vandewege 15 Jun '12

15 Jun '12

Public bug reported: When accessed over https, Mailman should set the 'secure' cookie flag. Please see the attached patch which implements that. ** Affects: mailman Importance: Undecided Status: New -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/770377 Title: Mailman should set the 'secure' cookie flag when accessed via https

2 3

[Bug 769318] [NEW] admindb should have 'logout' function
by Tokio Kikuchi 15 Jun '12

15 Jun '12

*** This bug is a security vulnerability *** Private security bug reported: Current 2.1 admindb interface have no link (or button) to logout the administrator/moderator. An administrator can logout from mailman from admin interface but a moderator cannot logout without zapping the moderator cookie by browser's function (if it is provided) or terminating the browser. The admindb web page should have a convenient 'logout' link. Another inconvenience in admin logout funciton is that if the site-wide admin is allowed by mm_cfg.ALLOW_SITE_ADMIN_COOKIES then the administrator cannot logout with visiting the 'Logout' link in the admin page. These bugs are fixed by lp:~tkikuchi/mailman/logout-enforcement and the branch was requested to merge into 2.1 series. ** Affects: mailman Importance: Undecided Status: New -- You received this bug notification because you are a member of Mailman Coders, which is a direct subscriber. https://bugs.launchpad.net/bugs/769318 Title: admindb should have 'logout' function

2 2

[Bug 702516] [NEW] RFC 2047 encoded From: header is not correctly parsed.
by Mark Sapiro 15 Jun '12

15 Jun '12

Public bug reported: If a real name or comment in a From: or other sender header is RFC 2047 encoded and the decoding contains an unquoted comma or other special, the Message methods get_sender() and get_senders() can return bogus addresses leading to other issues. A patch is attached. ** Affects: mailman Importance: Medium Assignee: Mark Sapiro (msapiro) Status: In Progress -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/702516 Title: RFC 2047 encoded From: header is not correctly parsed.

2 4

[Bug 677115] [NEW] Reply to to part 3 of a held message notification containing a Approved: first body line fails if reply is base64 encoded.
by Mark Sapiro 15 Jun '12

15 Jun '12

Public bug reported: A list moderator receives a held message notification and attempts to approve the message by replying to the third part (second attachment) and including an Approved: <password> line as the first line of the reply. If the moderator's MUA base64 encodes the reply for i18n or other reasons, the Approved: line is not found and the message is discarded. ** Affects: mailman Importance: Undecided Status: New -- Reply to to part 3 of a held message notification containing a Approved: first body line fails if reply is base64 encoded. https://bugs.launchpad.net/bugs/677115 You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman.

1 2

[Bug 670988] [NEW] Missing format character in Spanish translation
by Mark Sapiro 15 Jun '12

15 Jun '12

Public bug reported: The Spanish (es) translation of the bin/check_perms message "%(path)s bad group (has: %(groupname)s, expected %(MAILMAN_GROUP)s)" is missing the 's' in '%(path)s'. This prevents check_perms from reporting/fixing group errors and any other problems not found before the first group error. ** Affects: mailman Importance: Undecided Status: New -- Missing format character in Spanish translation https://bugs.launchpad.net/bugs/670988 You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman.

1 2

[Bug 778088] [NEW] User can set a password with trailing whitespace which prevents login.
by Mark Sapiro 19 May '12

19 May '12

Public bug reported: Both the subscribe CGI and the user options CGI allow setting a password with trailing whitespace, but options login strips the trailing whitespace before validating. Thus, the user can't log in to the options page. ** Affects: mailman Importance: Medium Assignee: Mark Sapiro (msapiro) Status: Triaged -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/778088 Title: User can set a password with trailing whitespace which prevents login.

1 1

[Bug 714424] [NEW] Held message user notification should be from -owner, not -bounces
by Mark Sapiro 19 May '12

19 May '12

Public bug reported: If respond_to_post_requests is Yes the notice to the poster of a held post is From: the listname-bounces address. It should be from the listname-owner address. ** Affects: mailman Importance: Medium Assignee: Mark Sapiro (msapiro) Status: Triaged -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/714424 Title: Held message user notification should be from -owner, not -bounces

1 1

[Bug 776122] [NEW] Bootstrap phase of setup fails
by Richard Wackerbarth 07 Apr '12

07 Apr '12

Public bug reported: When attempting to build MM3 from source, the buildout phase of the bootstrap fails. The code cannot recognize the version number of the MM source. This is because the regular expression in setup.py is looking for the version to be enclosed by ", but the version.py file uses '. ** Affects: mailman Importance: Undecided Status: New ** Tags: mm3 -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/776122 Title: Bootstrap phase of setup fails

3 2

[Bug 782474] [NEW] Re-design the mailman favicon
by Tokio Kikuchi 07 Apr '12

07 Apr '12

Public bug reported: The new mailman logo is very nice and cool. But, the reduced favicon (mm-icon.png) looks rather shabby because of its limited size and resolution. I redesigned the favicon by emphasizing the feature of crescent like lines. I also make it a 'true' windows icon format so you can put it on your desk top and make a link to your mailman site. ** Affects: mailman Importance: Undecided Status: New -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/782474 Title: Re-design the mailman favicon

2 4

Mailman-coders June 2011