Mailman 2.1.18 Security fix release
This is a heads up. There is a recently identified minor security issue in Mailman 2.1.27 and earlier. This is not something that allows permanent compromise or information leak from your site, but is something that needs to be fixed. This issue has been given CVE ID CVE-2018-13796. I plan to release Mailman 2.1.28 on 24 July, 2018 along with details of the issue and a patch to apply to earlier releases. This is just notification of that plan for those that need to plan ahead. Also, if you are a Mailman translator and you have any updates to your translation, please submit them in some form prior to 24 July so they can be incorporated in the release. -- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Hi, On 07/11/18 10:03, Mark Sapiro wrote:
Also, if you are a Mailman translator and you have any updates to your translation, please submit them in some form prior to 24 July so they can be incorporated in the release.
Rev 1789 commit contains new msgid "Edit this template for" for language selecter button. Please modify it appropriate English and update potfile (or replace it to "View this page in", as listinfo.py, options.py, and roster.py use). Regards, -- Yasuhito FUTATSUKI <futatuki@poem.co.jp>
On 7/10/18 6:56 PM, Yasuhito FUTATSUKI wrote:
Hi,
On 07/11/18 10:03, Mark Sapiro wrote:
Also, if you are a Mailman translator and you have any updates to your translation, please submit them in some form prior to 24 July so they can be incorporated in the release.
Rev 1789 commit contains new msgid "Edit this template for" for language selecter button. Please modify it appropriate English and update potfile (or replace it to "View this page in", as listinfo.py, options.py, and roster.py use).
Thanks for the reminder. I think the English "Edit this template for" is OK as is. The mailman.pot has been updated at <https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1791>. -- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Resending with correct subject (2.1.28, not 2.1.18) On 7/10/18 6:03 PM, Mark Sapiro wrote:
This is a heads up. There is a recently identified minor security issue in Mailman 2.1.27 and earlier. This is not something that allows permanent compromise or information leak from your site, but is something that needs to be fixed. This issue has been given CVE ID CVE-2018-13796.
I plan to release Mailman 2.1.28 on 24 July, 2018 along with details of the issue and a patch to apply to earlier releases.
This is just notification of that plan for those that need to plan ahead.
Also, if you are a Mailman translator and you have any updates to your translation, please submit them in some form prior to 24 July so they can be incorporated in the release.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On 7/10/18 6:03 PM, Mark Sapiro wrote:
This is a heads up. There is a recently identified minor security issue in Mailman 2.1.27 and earlier. This is not something that allows permanent compromise or information leak from your site, but is something that needs to be fixed. This issue has been given CVE ID CVE-2018-13796.
I plan to release Mailman 2.1.28 on 24 July, 2018 along with details of the issue and a patch to apply to earlier releases.
This is just notification of that plan for those that need to plan ahead.
Due to changed circumstances, I am changing the planned release date from 24 July to 23 July. -- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (2)
-
Mark Sapiro
-
Yasuhito FUTATSUKI