[Mailman-Users] Mailman 2.1.10b4 Released

Mark Sapiro mark at msapiro.net
Fri Mar 14 03:26:54 CET 2008 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I am happy to announce the next beta release of Mailman 2.1.10.

This is a security and bug fix release and it is highly recommended
that all sites upgrade to this version. Mailman 2.1.10 also adds support
for three new language translations, Galician, Hebrew and Slovak and a
few new features.

Mailman is free software for managing email mailing lists and e-
newsletters. Mailman is used for all the python.org and
SourceForge.net mailing lists, as well as at hundreds of other sites.

For more information, including download links, please see:

http://www.list.org
http://mailman.sf.net
http://www.gnu.org/software/mailman

Special thanks are due to Barry Warsaw and Tokio Kikuchi for much coding
and support, Moritz Naumann for help with security issues and Jim Tittsler
for a significant patch.

Here's a list of the major changes.

Security

- - The 2.1.9 fixes for CVE-2006-3636 were not complete. In particular,
some potential cross-site scripting attacks were not detected in
editing templates and updating the list's info attribute via the web
admin interface. This has been assigned CVE-2008-0564 and has been

fixed. Thanks again to Moritz Naumann for assistance with this.


New Features

- - Changed cmd_who.py to list all members if authorization is with the
list's admin or moderator password and to accept the password if the
roster is public. Also changed the web roster to show hidden members
when authorization is by site or list's admin or moderator password
(1587651).

- - Added the ability to put a list name in accept_these_nonmembers
to accept posts from members of that list (1220144).

- - Added a new 'sibling list' feature to exclude members of another list
from receiving a post from this list if the other list is in the To: or
Cc: of the post or to include members of the other list if that list is
not in the To: or Cc: of the post (Patch ID 1347962).

- - Added the admin_member_chunksize attribute to the admin General Options
interface (Bug 1072002, Partial RFE 782436).

Internationalization

- - Added the Hebrew translation from Dov Zamir. This includes addition of
a direction ('ltr', 'rtl') to the LC_DESCRIPTIONS table. The
add_language() function defaults direction to 'ltr' to not break
existing mm_cfg.py files.

- - Added the Slovak translation from Martin Matuska.

- - Added the Galician translation from Frco. Javier Rial Rodríguez.


Changes since 2.1.10b3 include the Galician translation and updates to
the French translation (Vietnamese and Danish translations were updated
in 2.1.10b3). Other changes since 2.1.10b3 include:

- - In 2.1.9, queue runner processing was made
~  more robust by making backups of queue entries when they were dequeued
~  so they could be recovered in the event of a system failure.  This
~  opened the possibility that if a message itself caused a runner to
~  crash, a loop could result that would endlessly reprocess the message.
~  This has now been fixed by adding a dequeue count to the entry and
~  moving the entry aside and logging the fact after the third dequeue of
~  the same entry.

- - Fixed the command line scripts add_members, sync_members and
~  clone_member to properly handle banned addresses (1904737).

- - Fixed bin/newlist to add the list's preferred language to the list's
~  available_languages if it is other than the server's default language
~  (1906368).

- - Changed the first URL in the RFC 2369 List-Unsubscribe: header to go
~  to the options login page instead of the listinfo page.

- - Changed the options login page to not issue the "No address given"
~  error when coming from the List-Unsubscribe and other direct links.
~  Also changed to remember the user's language selection when
~  redisplaying the page following an error.


/Mark Sapiro

- --
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)

iD8DBQFH2eJuVVuXXpU7hpMRAihOAJ4zIREWCWCQt7YDDHp3frDHjzwkCQCfdh7J
W3UKWsTTfStBE4z64oqa36c=
=ZedT
-----END PGP SIGNATURE-----

More information about the Mailman-Users mailing list