Mailman-i18n

mailman-i18n@python.org

777 discussions

Mailman 2.1.39 Release
by Mark Sapiro 13 Dec '21

13 Dec '21

I am pleased to announce the release of Mailman 2.1.39. This is a bug fix release. It fixes https://bugs.launchpad.net/mailman/+bug/1954694 This addresses two issues. The fix for CVE-2021-42097 was case sensitive and should not be. The fix for CVE-2021-44227 introduced a potential NameError in logging. This could cause a user's changes to the option's page to not be accepted and perhaps cause a `We hit a bug` response if the user visited the page with a mixed- or upper-case email address For those who just want a patch one is attached to the bug report. As noted Mailman 2.1.30 was the last feature release of the Mailman 2.1 branch from the GNU Mailman project. There has been some discussion as to what this means. It means there will be no more releases from the GNU Mailman project containing any new features. There may be future patch releases to address the following: i18n updates. security issues. bugs affecting operation for which no satisfactory workaround exists. Mailman 2.1.39 is the ninth such patch release. Mailman is free software for managing email mailing lists and e-newsletters. Mailman is used for all the python.org and SourceForge.net mailing lists, as well as at hundreds of other sites. For more information, please see our web site at one of: http://www.list.org https://www.gnu.org/software/mailman http://mailman.sourceforge.net/ Mailman 2.1.39 can be downloaded from https://launchpad.net/mailman/2.1/ https://ftp.gnu.org/gnu/mailman/ https://sourceforge.net/projects/mailman/ -- Mark Sapiro <mark(a)msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan

1 0

Mailman 2.1.38 security release
by Mark Sapiro 30 Nov '21

30 Nov '21

A CSRF vulnerability has been reported by Riccardo Schirone of RedHat. This is assigned CVE-2021-44227. I plan to release Mailman 2.1.38 on Tuesday, 30 November to fix this. -- Mark Sapiro <mark(a)msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan

1 1

Mailman 2.1 security release
by Mark Sapiro 12 Nov '21

12 Nov '21

I am pleased to announce the release of Mailman 2.1.36. This is a security release. It fixes https://bugs.launchpad.net/mailman/+bug/1949401 CVE-2021-43331 and https://bugs.launchpad.net/mailman/+bug/1949403 CVE-2021-43332. The former of these could allow an XSS attack against the user options page and the latter could allow a list moderator to discover the list admin password via a brute force attack against the admindb page CSRF token. For those who just want a patch for the security issues, patches are atteched. As noted Mailman 2.1.30 was the last feature release of the Mailman 2.1 branch from the GNU Mailman project. There has been some discussion as to what this means. It means there will be no more releases from the GNU Mailman project containing any new features. There may be future patch releases to address the following: i18n updates. security issues. bugs affecting operation for which no satisfactory workaround exists. Mailman 2.1.36 is the sixth such patch release. Mailman is free software for managing email mailing lists and e-newsletters. Mailman is used for all the python.org and SourceForge.net mailing lists, as well as at hundreds of other sites. For more information, please see our web site at one of: http://www.list.org https://www.gnu.org/software/mailman http://mailman.sourceforge.net/ Mailman 2.1.36 can be downloaded from https://launchpad.net/mailman/2.1/ https://ftp.gnu.org/gnu/mailman/ https://sourceforge.net/projects/mailman/ -- Mark Sapiro <mark(a)msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan

1 2

Mailman 2.1 security release
by Mark Sapiro 06 Nov '21

06 Nov '21

Two new security issues have been reported in Mailman 2.1. These have been given the IDs CVE-2021-43331 and CVE-2021-43332. I plan to release 2.1.36 with full details this Friday, November 12. At that time the vulnerabilities will be made public and patches will also be made available. -- Mark Sapiro <mark(a)msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan

1 0

Mailman 2.1 security release
by Mark Sapiro 20 Oct '21

20 Oct '21

A couple of vulnerabilities have recently been reported. Thanks to Andre Protas, Richard Cloke and Andy Nuttall of Apple for reporting these and helping with the development of a fix. CVE-2021-42096 could allow a list member to discover the list admin password. CVE-2021-42097 could allow a list member to create a successful CSRF attack against another list member enabling takeover of the members account. These attacks can't be carried out by non-members so may not be of concern for sites with only trusted list members. In any case, I am planning to make a 2.1.35 release and to post a patch for those who don't want to upgrade to address these issues. This is scheduled for Tuesday, October 19. -- Mark Sapiro <mark(a)msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan

1 3

Hyperkitty and mailman-hyperkitty releases
by Abhilash Raj 13 Oct '21

13 Oct '21

Hello Everyone, I have just tagged and released Hyperkitty 1.3.5 and mailman-hyperkitty plugin 1.2.0 to PyPI. This release includes some changes in the authentication between mailman-hyperkitty plugin and Hyperkitty. For that reason, it is important to upgrade both Hyperkitty and mailman-hyperkitty plugin to the latest versions, or it could result in a broken installation. This release of Hyperkitty has bugfixes, some new features and some security enhancements. A full list of changes is available at: https://docs.mailman3.org/projects/hyperkitty/en/latest/news.html#news-1-3-5 The release tarball is available at PyPI: https://pypi.org/project/HyperKitty/#files https://pypi.org/project/mailman-hyperkitty/#files You can upgrade your installations by running: pip install mailman-hyperkitty hyperkitty -U After the upgrade, please make sure to run these commands: https://docs.mailman3.org/en/latest/upgrade-3.2.html#post-upgrade Also, make sure to restart Mailman Core after upgrading mailman-hyperkitty plugin. Finally, many thanks to all the people who contributed to this release. -- thanks, Abhilash Raj (maxking)

1 0

Ann: Postorius 1.3.6b1 is now out
by Abhilash Raj 28 Sep '21

28 Sep '21

Hey Everyone, I am pleased to announce that Postorius 1.3.6b1 is now out. This is the first pre-release for 1.3.6, which is slated to release next week soon after Mailman Core 3.3.5 release. This release requires Mailman Core 3.3.5 release, so if you are trying out this release, please also upgrade Mailman Core to 3.3.5rc1 (which was just released today). This release includes several new features and bug fixes. A full list of changes is available here[1]. With this release, we have also improved on the localization of the interface, if you want to help out before the release of the stable 1.3.6, please see the instructions for translators here[2]. We use Weblate for translations, so if you are familiar with that, you can directly head over there[3]. Since this is a pre-release version, you can install this using pip via: $ pip install --upgrade --pre postorius django-mailman3 mailmanclient Please also ensure to run the post-install commands as per the upgrade documentation[4] (commands _after_ pip install, needs a post-install heading/anchor in there :-). A release tarball is available on PyPI: https://pypi.org/project/postorius/1.3.6b1/#files Finally, thanks to all the folks who helped with this release in any capacity and made it possible. [1]: https://docs.mailman3.org/projects/postorius/en/latest/news.html#news-1-3-6 [2]: https://docs.mailman3.org/en/latest/translation.html [3]: https://hosted.weblate.org/projects/gnu-mailman/postorius/ [4]: https://docs.mailman3.org/en/latest/upgrade-3.2.html#virtualenv-install thanks, Abhilash

1 1

Ann: Mailman Core 3.3.5b1 is out
by Abhilash Raj 28 Sep '21

28 Sep '21

Hello Everyone, I am pleased to announce that Mailman Core 3.3.5b1 is now out. It is a pre-release for 3.3.5, which is slated to come out in 3 weeks from now. I am planning for a 2 week beta period, after which I'll release the first RC and then stable a week after. Right now I am not planning to release a second beta version, but if there are several changes in Core in the next week or so, then I might. This release includes a lot of bug fixes and some new features. It also includes a security enhancement that improves the authentication of REST API by adding resistance to some timing channel attacks. A full list of changes in this version can be found here[1]. [1]: https://docs.mailman3.org/projects/mailman/en/latest/src/mailman/docs/NEWS.… We have also made improvements in the i18n workflow and now the email templates are updated from the translated messages in the .po files that we get from Weblate. Documentation for translators is available here[2] if you want to help translate Mailman into your native language. [2]: https://docs.mailman3.org/en/latest/translation.html This is a pre-release version, if you want to test it with your setup, you can install it using: $ pip install --pre mailman==3.3.5b1 If you want to download a release tarball, you can do so from here: https://pypi.org/project/mailman/3.3.5b1/#files This release received a lot of contributions from community, which I am really happy about! I'd like to thank everyone who made this release possible! -- thanks, Abhilash Raj (maxking)

1 2

German translation
by Markus Schaaf 22 Sep '21

22 Sep '21

Dear translators, after installing mailman-3 and postorius for the first time, I'm unhappy with the German translations. I understand that new translators are invited to use weblate. So I had registered an account there and tried to fix listed problems first. But I didn't complete this undertaking, because IMHO the current German translations of some important (technical) terms are unfavourable, if not unintelligible, and also inconsistent. So instead of adding to the confusion, I would favour a major overhaul. These are my first steps as a potential translator and there are certainly rules and manners I'd better know about. So all tips and suggestions are welcome. The rest of my post is in German on purpose. Ich weiß, dass ich mit diesen Bemerkungen vielleicht keine Freude und auch keine ungeteilte Zustimmung auslöse, aber ich finde die Übersetzung einiger technischer Schlüsselbegriffe sehr unglücklich: bounce: Ist ein technischer Begriff, der nicht zu übersetzen ist. Der Bounce, bouncen, gebouncet, der Bounce-Zähler usw. - Wer den Begriff nicht kennt, kann ihn so googlen. Es gibt keine etablierte deutsche Übersetzung. list member, subscriber, (un)subscribe, subscription: Das ist ein Schlüsselkonzept. Hier muss unbedingt eine einheitliche Terminologie eingehalten werden. "Mitglied" ist zwar eine direkte Übersetzung, aber ein leicht missverständlicher Begriff. "Abonnement" ist ein etabliertes Wort, welches für dieses Konzept auch in anderen Programmen (Thunderbird z.B.) verwendet wird. Abonnent, abonnieren, kündigen, Abonnement message, post, e-mail, submission: Hier ist das englische Original auch schrecklich verwirrt. Das kann man in der Übersetzung verbessern. Ich würde generell "(eingereichte) Nachricht" verwenden, "E-Mail" nur an den Stellen, wo es verständlicher oder präziser ist, etwa bei Nachrichten, die explizit als E-Mails empfangen oder gesendet werden, oder wo es um technische Details geht, die sich explizit auf E-Mails beziehen, etwa beim SMTP-Versand etc. plain text Ist ein technischer Begriff. Nicht übersetzen. Plain-Text (message) thread ist sehr uneinheitlich übersetzt. Mein Vorschlag "Diskussionsfaden". "-strang" klingt für mich zu derb. Gibt noch andere englische Worte, die mir jetzt nicht einfallen, die trotzdem so übersetzt werden müssen. Es gibt noch mehr, aber das sind die Dinge, die mir sofort aufgefallen sind. Falls es einen Maintainer der deutschen Übersetzung gibt, freue ich mich über Kontakt. Ich hoffe, ich bin nicht angeeckt. :-) MfG

2 2

Internationalization instructions seem to be outdated, can it be fixed?
by ipomoea＠hilarious.com 30 May '21

30 May '21

Hello, I hope it's ok that I write my questions to the mailing list. I newly discovered the possibility of translating Mailman. However, the instructions given are a bit hard for me to follow. Specifically, there are things that cannot be done: * https://wiki.list.org/DEV/Internationalization instructs to write to one's Mailman Language Champion; I wrote to the Champion for Ukrainian, but his email is rejecting letters. * It is mentioned on https://wiki.list.org/DEV/i18nhowto that Mailman3 is not ready for translation yet – it's hard for me to believe, that this is still the case, taking into consideration that that page is said to be last updated several years ago. I have trouble understanding what's the current situation. lists.wikimedia.org is said to use Mailman3 now; I see some interface lines in English but some in Ukrainian as well, so at least some translations were imported into newer version(?) But I don't see where I can translate Mailman3. If I'm missing something, please point me in the right direction. But if my assumption is right and the instruction pages are indeed outdated, how can we fix that? Best regards, Ata

2 1

Jump to page:

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

Mailman-i18n