Mailman-coders November 2013

mailman-coders@python.org

9 participants
126 discussions

[Bug 775294] [NEW] Set lifetime for input forms
by Tokio Kikuchi 05 Sep '16

05 Sep '16

*** This bug is a security vulnerability *** Private security bug reported: We may have to set lifetime for input forms because of recent activities on cross-site request forgery (CSRF). The form lifetime is successfully deployed in frameworks like web.py or plone etc. Proposed branch lp:~tkikuchi/mailman/form-lifetime implement lifetime in admin, admindb, options and edithtml interfaces. Other forms like create and rmlist have confirmation by password thus are safe regarding CSRF. The form generation time is set by a hidden parameter whose value is calculated following the mailman cookie algorithm. The default lifetime is set 1 hour in Default.py thus configurable by a site administrator. If a password is set in request, authorization cookie is discarded so the password authentication is forced. Wget tricks to manage list in FAQ can be used as they are now. ** Affects: mailman Importance: Undecided Status: New ** Branch linked: lp:~tkikuchi/mailman/form-lifetime -- You received this bug notification because you are a member of Mailman Coders, which is a direct subscriber. https://bugs.launchpad.net/bugs/775294 Title: Set lifetime for input forms

2 5

[Bug 1104498] [NEW] Member contact requests
by Kẏra 01 Apr '16

01 Apr '16

Public bug reported: When configured to hide email addresses. a mailman user should be able to contact someone else by using a request contact form a profile page representing a user. This form would email the recipient of the request a short message explaining who is trying to get in contact, and the email address of the user requesting contact. ** Affects: mailman Importance: Undecided Status: New ** Tags: wishlist -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1104498 Title: Member contact requests To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1104498/+subscriptions

6 6

[Bug 889829] [NEW] setup takes zope interface 3.5.1, but needs 3.8.0
by Harry Enke 31 Jul '15

31 Jul '15

Public bug reported: separate installation of zope interface 3.8.0 fixes the issue, afterwards mailman 3.0.0.8a OS: Scientific Linux 6.1, Python 2.6.6 ** Affects: mailman Importance: Undecided Status: New -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/889829 Title: setup takes zope interface 3.5.1, but needs 3.8.0 To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/889829/+subscriptions

3 7

[Bug 1196608] [NEW] Better theming
by Kẏra 08 Jun '15

08 Jun '15

Public bug reported: Using Bootstrap ** Affects: mailman Importance: Undecided Status: New -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1196608 Title: Better theming To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1196608/+subscriptions

3 4

[Bug 1104507] [NEW] Web feeds
by Kẏra 08 Jun '15

08 Jun '15

Public bug reported: Mailman should create atom/rss web feeds from lists as well as individual posts (threads) or searches. ** Affects: mailman Importance: Undecided Status: New -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1104507 Title: Web feeds To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1104507/+subscriptions

4 5

[Bug 1036207] [NEW] mailman.client hangs accessing moderation queue
by Stephen Turnbull 08 Jun '15

08 Jun '15

Public bug reported: Here's what I did as recorded in Terminal.app: steve@turnbull:~/src/Mailman3/mailman.client$ python Python 2.7.3rc2 (default, Apr 22 2012, 22:30:17) [GCC 4.6.3] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> import os >>> import time >>> import subprocess >>> from mailman.client import Client >>> c = Client('http://localhost:8001/3.0', 'restadmin', 'restpass') >>> dump(c.system) Traceback (most recent call last): File "<stdin>", line 1, in <module> NameError: name 'dump' is not defined >>> c.lists [<List "mm3-test(a)turnbull.sk.tsukuba.ac.jp">] >>> c.domains [<Domain "turnbull.sk.tsukuba.ac.jp">] >>> print c.domains[0].url_host turnbull.sk.tsukuba.ac.jp >>> print c.domains[0].mail_host turnbull.sk.tsukuba.ac.jp >>> l = c.lists[0] >>> l.fqdn_listname u'mm3-test(a)turnbull.sk.tsukuba.ac.jp' >>> c.get_list('mm3-test(a)turnbull.sk.tsukuba.ac.jp') <List "mm3-test(a)turnbull.sk.tsukuba.ac.jp"> >>> c.get_list(u'mm3-test(a)turnbull.sk.tsukuba.ac.jp') <List "mm3-test(a)turnbull.sk.tsukuba.ac.jp"> >>> c.members [<Member "turnbull(a)sk.tsukuba.ac.jp" on "mm3-test(a)turnbull.sk.tsukuba.ac.jp">] >>> print c.members[0].self_link http://localhost:8001/3.0/members/230487102891977069915270988864921324936 >>> print c.members[0].link Traceback (most recent call last): File "<stdin>", line 1, in <module> AttributeError: '_Member' object has no attribute 'link' >>> print c.users[0] <User "None" (323817100493882819169277267745120573853)> >>> print c.users [<User "None" (323817100493882819169277267745120573853)>] >>> print c.users[0].addresses <mailman.client._client._Addresses object at 0x7f6b849c7a10> >>> print c.users[0].addresses[0] Traceback (most recent call last): File "<stdin>", line 1, in <module> TypeError: '_Addresses' object does not support indexing >>> for a in print c.users[0].addresses: File "<stdin>", line 1 for a in print c.users[0].addresses: ^ SyntaxError: invalid syntax >>> for a in c.users[0].addresses: ... print a ... turnbull(a)sk.tsukuba.ac.jp >>> for a in sorted(l.settings): ... print a + ': ' + string(l.settings[a]) ... Traceback (most recent call last): File "<stdin>", line 2, in <module> NameError: name 'string' is not defined >>> for a in sorted(l.settings): ... print a + ': ' + str(l.settings[a]) ... acceptable_aliases: [] admin_immed_notify: True admin_notify_mchanges: False administrivia: True advertised: True allow_list_posts: True anonymous_list: False autorespond_owner: none autorespond_postings: none autorespond_requests: none autoresponse_grace_period: 90d autoresponse_owner_text: autoresponse_postings_text: autoresponse_request_text: bounces_address: mm3-test-bounces(a)turnbull.sk.tsukuba.ac.jp collapse_alternatives: True convert_html_to_plaintext: False created_at: 2012-08-09T03:16:21.186456 default_member_action: defer default_nonmember_action: hold description: digest_last_sent_at: None digest_size_threshold: 30.0 display_name: Mm3-test filter_content: False fqdn_listname: mm3-test(a)turnbull.sk.tsukuba.ac.jp generic_nonmember_action: 1 http_etag: "b8b4e1df6bc8d8ee33f363927022d0bcc86569bb" include_rfc2369_headers: True join_address: mm3-test-join(a)turnbull.sk.tsukuba.ac.jp last_post_at: None leave_address: mm3-test-leave(a)turnbull.sk.tsukuba.ac.jp list_name: mm3-test mail_host: turnbull.sk.tsukuba.ac.jp next_digest_number: 1 no_reply_address: noreply(a)turnbull.sk.tsukuba.ac.jp owner_address: mm3-test-owner(a)turnbull.sk.tsukuba.ac.jp post_id: 1 posting_address: mm3-test(a)turnbull.sk.tsukuba.ac.jp posting_pipeline: default-posting-pipeline reply_goes_to_list: no_munging request_address: mm3-test-request(a)turnbull.sk.tsukuba.ac.jp scheme: http send_welcome_message: True volume: 1 web_host: turnbull.sk.tsukuba.ac.jp welcome_message_uri: mailman:///welcome.txt >>> dir() ['Client', '__builtins__', '__doc__', '__name__', '__package__', 'a', 'c', 'l', 'os', 'subprocess', 'time'] >>> dir(Client) ['__class__', '__delattr__', '__dict__', '__doc__', '__format__', '__getattribute__', '__hash__', '__init__', '__module__', '__new__', '__reduce__', '__reduce_ex__', '__repr__', '__setattr__', '__sizeof__', '__str__', '__subclasshook__', '__weakref__', 'create_domain', 'delete_domain', 'delete_list', 'domains', 'get_domain', 'get_list', 'get_user', 'lists', 'members', 'preferences', 'system', 'users'] >>> dir(Client.system) ['__class__', '__delattr__', '__delete__', '__doc__', '__format__', '__get__', '__getattribute__', '__hash__', '__init__', '__new__', '__reduce__', '__reduce_ex__', '__repr__', '__set__', '__setattr__', '__sizeof__', '__str__', '__subclasshook__', 'deleter', 'fdel', 'fget', 'fset', 'getter', 'setter'] >>> dir(l) ['__class__', '__delattr__', '__dict__', '__doc__', '__format__', '__getattribute__', '__hash__', '__init__', '__module__', '__new__', '__reduce__', '__reduce_ex__', '__repr__', '__setattr__', '__sizeof__', '__str__', '__subclasshook__', '__weakref__', '_connection', '_get_info', '_info', '_url', 'accept_message', 'defer_message', 'delete', 'discard_message', 'display_name', 'fqdn_listname', 'get_member', 'held', 'list_name', 'mail_host', 'members', 'moderate_message', 'reject_message', 'settings', 'subscribe', 'unsubscribe'] >>> l._connection.__doc__ u'A connection to the REST client.' >>> l.held.__doc__ ^CTraceback (most recent call last): File "<stdin>", line 1, in <module> File "mailman/client/_client.py", line 350, in held 'lists/{0}/held'.format(self.fqdn_listname), None, 'GET') File "mailman/client/_client.py", line 114, in call response, content = Http().request(url, method, data, headers) File "/usr/lib/python2.7/dist-packages/httplib2/__init__.py", line 1543, in request (response, content) = self._request(conn, authority, uri, request_uri, method, body, headers, redirections, cachekey) File "/usr/lib/python2.7/dist-packages/httplib2/__init__.py", line 1293, in _request (response, content) = self._conn_request(conn, request_uri, method, body, headers) File "/usr/lib/python2.7/dist-packages/httplib2/__init__.py", line 1263, in _conn_request response = conn.getresponse() File "/usr/lib/python2.7/httplib.py", line 1030, in getresponse response.begin() File "/usr/lib/python2.7/httplib.py", line 407, in begin version, status, reason = self._read_status() File "/usr/lib/python2.7/httplib.py", line 365, in _read_status line = self.fp.readline() File "/usr/lib/python2.7/socket.py", line 430, in readline data = recv(1) File "/home/steve/src/Mailman3/mailman-trunk/src/mailman/email/message.py", l\ ine 226, in _enqueue virginq.enqueue(self, **str_keywords) File "/home/steve/src/Mailman3/mailman-trunk/src/mailman/core/switchboard.py"\ , line 123, in enqueue msgsave = cPickle.dumps(_msg, protocol) After the above I tried a couple of things, like printing l.held (with no further attribute). These also hung for a few seconds and I interrupted with ^C. Eventually it failed with an error about not being connected to Mailman. I thought Mailman had crashed, but when I tried shutting down Mailman using bin/mailman, it seemed to shut down normally. ** Affects: mailman Importance: Undecided Status: New -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1036207 Title: mailman.client hangs accessing moderation queue To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1036207/+subscriptions

3 4

[Bug 1006345] [NEW] Anonymous subscription via confirmation email
by Robert Niederreiter 08 Jun '15

08 Jun '15

Public bug reported: Currently it is not possible to subscribe as anonymous user. ** Affects: postorius Importance: Undecided Status: New ** Tags: anonymous confirmation subscription ui -- You received this bug notification because you are a member of Mailman Coders, which is the registrant for Postorius. https://bugs.launchpad.net/bugs/1006345 Title: Anonymous subscription via confirmation email To manage notifications about this bug go to: https://bugs.launchpad.net/postorius/+bug/1006345/+subscriptions

7 16

[Bug 1104497] [NEW] User profile pages
by Kẏra 08 Jun '15

08 Jun '15

Public bug reported: Mailman users should have a profile page that is common to all the lists in the instance. The profile should store all the user's personal information (if any), and lists all of the posts by that user. ** Affects: mailman Importance: Undecided Status: New ** Tags: wishlist -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1104497 Title: User profile pages To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1104497/+subscriptions

5 5

[Bug 1252575] [NEW] The Mail<->News gateway doesn't honor moderation or *_these_nonmembers for messages gated from usnet.
by Mark Sapiro 23 May '15

23 May '15

Public bug reported: Messages gated to a list from usenet bypass all the checks in Moderate.py. It is appropriate to bypass generic_nonmember_action because many usenet posts will be from nonmembers of the list, but if the sender is a moderated member or a nonmember matching one of the *_these_nonmembers filters, those things should be honored. ** Affects: mailman Importance: Medium Assignee: Mark Sapiro (msapiro) Status: In Progress -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1252575 Title: The Mail<->News gateway doesn't honor moderation or *_these_nonmembers for messages gated from usnet. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1252575/+subscriptions

4 5

[Bug 1197473] [NEW] moderating usenet->mailman posts
by Karl Berry 23 May '15

23 May '15

Public bug reported: In http://www.mail-archive.com/mailman-users%40python.org/msg62889.html, I explained the (very strong) desirability of having posts made from Usenet to Mailman be subject to normal moderation rules instead of automatically and unconditionally approved. (In short, to not let Usenet spam through to the mailing lists without any checking.) In his reply, http://www.mail-archive.com/mailman- users%40python.org/msg62890.html, Mark gave a simple one-line change (that is working fine so far as we can tell). When I asked, Mark told me that the change couldn't be made for mailman 2.1, since it would need to be a user option and thus have i18n impact, so suggested that I post it here, tagged mailman3, which I hope I've done here. Happy hacking, Karl ** Affects: mailman Importance: Undecided Status: New ** Tags: mailman3 -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1197473 Title: moderating usenet->mailman posts To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1197473/+subscriptions

3 2

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

Mailman-coders November 2013