summaryrefslogtreecommitdiff
path: root/mail
diff options
context:
space:
mode:
authorbouyer <bouyer@pkgsrc.org>2006-09-09 23:20:11 +0000
committerbouyer <bouyer@pkgsrc.org>2006-09-09 23:20:11 +0000
commit3fb1cdf53067a7029312543f38ccac2309ec1d28 (patch)
treed172b8f851be2d098d6633b11792ca5b3d1c653b /mail
parent6042af91caac1c6c787f56d10aec7dc97ffcda04 (diff)
downloadpkgsrc-3fb1cdf53067a7029312543f38ccac2309ec1d28.tar.gz
Update to 2.1.9rc1, fixes security issues.
Security - A malicious user could visit a specially crafted URI and inject an apparent log message into Mailman's error log which might induce an unsuspecting administrator to visit a phishing site. This has been blocked. Thanks to Moritz Naumann for its discovery. - Fixed denial of service attack which can be caused by some standards-breaking RFC 2231 formatted headers. CVE-2006-2941. - Several cross-site scripting issues have been fixed. Thanks to Moritz Naumann for their discovery. CVE-2006-3636 Internationalization - New languages: Arabic, Vietnamese. Bug fixes and other patches - Fixed Decorate.py so that characters in message header/footer which are not in the character set of the list's language are ignored rather than causing shunted messages (1507248). - Switchboard.py - Closed very tiny holes at the upper ends of queue slices that could result in unprocessable queue entries. Improved FIFO processing when two queue entries have the same timestamp.
Diffstat (limited to 'mail')
-rw-r--r--mail/mailman/Makefile6
-rw-r--r--mail/mailman/PLIST110
-rw-r--r--mail/mailman/distinfo8
3 files changed, 116 insertions, 8 deletions
diff --git a/mail/mailman/Makefile b/mail/mailman/Makefile
index 541d27e6800..f343a4d990a 100644
--- a/mail/mailman/Makefile
+++ b/mail/mailman/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.44 2006/06/15 22:13:59 jlam Exp $
+# $NetBSD: Makefile,v 1.45 2006/09/09 23:20:11 bouyer Exp $
-DISTNAME= mailman-2.1.8
+DISTNAME= mailman-2.1.9rc1
CATEGORIES= mail www
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=mailman/}
EXTRACT_SUFX= .tgz
@@ -64,9 +64,9 @@ DEINSTALL_TEMPLATES+= ${FILESDIR}/DEINSTALL
PYTHON_VERSIONS_ACCEPTED= 24 23 22 21
PYTHON_PATCH_SCRIPTS+= Mailman/Archiver/pipermail.py
PYTHON_PATCH_SCRIPTS+= Mailman/Post.py
-PYTHON_PATCH_SCRIPTS+= admin/bin/Release.py
PYTHON_PATCH_SCRIPTS+= admin/bin/faq2ht.py
PYTHON_PATCH_SCRIPTS+= admin/bin/mm2do
+PYTHON_PATCH_SCRIPTS+= admin/www/reset_pw.py
PYTHON_PATCH_SCRIPTS+= bin/msgfmt.py
CONFIGURE_ARGS+= --with-cgi-gid=${MAILMAN_CGIGROUP:Q}
diff --git a/mail/mailman/PLIST b/mail/mailman/PLIST
index ea8977f1e78..aa6787fe04c 100644
--- a/mail/mailman/PLIST
+++ b/mail/mailman/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.11 2006/05/10 13:18:21 joerg Exp $
+@comment $NetBSD: PLIST,v 1.12 2006/09/09 23:20:11 bouyer Exp $
lib/mailman/Mailman/Archiver/Archiver.py
lib/mailman/Mailman/Archiver/Archiver.pyc
lib/mailman/Mailman/Archiver/HyperArch.py
@@ -359,6 +359,8 @@ lib/mailman/icons/mailman-large.jpg
lib/mailman/icons/mailman.jpg
lib/mailman/icons/mm-icon.png
lib/mailman/mail/mailman
+lib/mailman/messages/ar/LC_MESSAGES/mailman.po
+lib/mailman/messages/ar/LC_MESSAGES/mailman.mo
lib/mailman/messages/ca/LC_MESSAGES/mailman.mo
lib/mailman/messages/ca/LC_MESSAGES/mailman.po
lib/mailman/messages/cs/LC_MESSAGES/mailman.mo
@@ -427,6 +429,8 @@ lib/mailman/messages/tr/LC_MESSAGES/mailman.mo
lib/mailman/messages/tr/LC_MESSAGES/mailman.po
lib/mailman/messages/uk/LC_MESSAGES/mailman.mo
lib/mailman/messages/uk/LC_MESSAGES/mailman.po
+lib/mailman/messages/vi/LC_MESSAGES/mailman.po
+lib/mailman/messages/vi/LC_MESSAGES/mailman.mo
lib/mailman/messages/zh_CN/LC_MESSAGES/mailman.po
lib/mailman/messages/zh_CN/LC_MESSAGES/mailman.mo
lib/mailman/messages/zh_TW/LC_MESSAGES/mailman.po
@@ -611,6 +615,50 @@ lib/mailman/scripts/request
lib/mailman/scripts/subscribe
lib/mailman/scripts/unsubscribe
lib/mailman/support/sitelist.cfg
+lib/mailman/templates/ar/admindbdetails.html
+lib/mailman/templates/ar/admindbpreamble.html
+lib/mailman/templates/ar/admindbsummary.html
+lib/mailman/templates/ar/admlogin.html
+lib/mailman/templates/ar/archidxentry.html
+lib/mailman/templates/ar/archidxfoot.html
+lib/mailman/templates/ar/archidxhead.html
+lib/mailman/templates/ar/archlistend.html
+lib/mailman/templates/ar/archliststart.html
+lib/mailman/templates/ar/archtoc.html
+lib/mailman/templates/ar/archtocentry.html
+lib/mailman/templates/ar/archtocnombox.html
+lib/mailman/templates/ar/article.html
+lib/mailman/templates/ar/emptyarchive.html
+lib/mailman/templates/ar/headfoot.html
+lib/mailman/templates/ar/listinfo.html
+lib/mailman/templates/ar/options.html
+lib/mailman/templates/ar/private.html
+lib/mailman/templates/ar/roster.html
+lib/mailman/templates/ar/subscribe.html
+lib/mailman/templates/ar/adminsubscribeack.txt
+lib/mailman/templates/ar/adminunsubscribeack.txt
+lib/mailman/templates/ar/approve.txt
+lib/mailman/templates/ar/bounce.txt
+lib/mailman/templates/ar/checkdbs.txt
+lib/mailman/templates/ar/convert.txt
+lib/mailman/templates/ar/cronpass.txt
+lib/mailman/templates/ar/disabled.txt
+lib/mailman/templates/ar/help.txt
+lib/mailman/templates/ar/invite.txt
+lib/mailman/templates/ar/masthead.txt
+lib/mailman/templates/ar/newlist.txt
+lib/mailman/templates/ar/nomoretoday.txt
+lib/mailman/templates/ar/postack.txt
+lib/mailman/templates/ar/postauth.txt
+lib/mailman/templates/ar/postheld.txt
+lib/mailman/templates/ar/probe.txt
+lib/mailman/templates/ar/refuse.txt
+lib/mailman/templates/ar/subauth.txt
+lib/mailman/templates/ar/subscribeack.txt
+lib/mailman/templates/ar/unsub.txt
+lib/mailman/templates/ar/unsubauth.txt
+lib/mailman/templates/ar/userpass.txt
+lib/mailman/templates/ar/verify.txt
lib/mailman/templates/ca/admindbdetails.html
lib/mailman/templates/ca/admindbpreamble.html
lib/mailman/templates/ca/admindbsummary.html
@@ -1302,6 +1350,14 @@ lib/mailman/templates/nl/adminsubscribeack.txt
lib/mailman/templates/nl/adminunsubscribeack.txt
lib/mailman/templates/nl/admlogin.html
lib/mailman/templates/nl/approve.txt
+lib/mailman/templates/nl/archidxentry.html
+lib/mailman/templates/nl/archidxfoot.html
+lib/mailman/templates/nl/archidxhead.html
+lib/mailman/templates/nl/archlistend.html
+lib/mailman/templates/nl/archliststart.html
+lib/mailman/templates/nl/archtoc.html
+lib/mailman/templates/nl/archtocentry.html
+lib/mailman/templates/nl/archtocnombox.html
lib/mailman/templates/nl/article.html
lib/mailman/templates/nl/bounce.txt
lib/mailman/templates/nl/checkdbs.txt
@@ -1315,11 +1371,13 @@ lib/mailman/templates/nl/invite.txt
lib/mailman/templates/nl/listinfo.html
lib/mailman/templates/nl/masthead.txt
lib/mailman/templates/nl/newlist.txt
+lib/mailman/templates/nl/nomoretoday.txt
lib/mailman/templates/nl/options.html
lib/mailman/templates/nl/postack.txt
lib/mailman/templates/nl/postauth.txt
lib/mailman/templates/nl/postheld.txt
lib/mailman/templates/nl/private.html
+lib/mailman/templates/nl/probe.txt
lib/mailman/templates/nl/refuse.txt
lib/mailman/templates/nl/roster.html
lib/mailman/templates/nl/subauth.txt
@@ -1791,6 +1849,50 @@ lib/mailman/templates/uk/unsub.txt
lib/mailman/templates/uk/unsubauth.txt
lib/mailman/templates/uk/userpass.txt
lib/mailman/templates/uk/verify.txt
+lib/mailman/templates/vi/admindbdetails.html
+lib/mailman/templates/vi/admindbpreamble.html
+lib/mailman/templates/vi/admindbsummary.html
+lib/mailman/templates/vi/admlogin.html
+lib/mailman/templates/vi/archidxentry.html
+lib/mailman/templates/vi/archidxfoot.html
+lib/mailman/templates/vi/archidxhead.html
+lib/mailman/templates/vi/archlistend.html
+lib/mailman/templates/vi/archliststart.html
+lib/mailman/templates/vi/archtoc.html
+lib/mailman/templates/vi/archtocentry.html
+lib/mailman/templates/vi/archtocnombox.html
+lib/mailman/templates/vi/article.html
+lib/mailman/templates/vi/emptyarchive.html
+lib/mailman/templates/vi/headfoot.html
+lib/mailman/templates/vi/listinfo.html
+lib/mailman/templates/vi/options.html
+lib/mailman/templates/vi/private.html
+lib/mailman/templates/vi/roster.html
+lib/mailman/templates/vi/subscribe.html
+lib/mailman/templates/vi/adminsubscribeack.txt
+lib/mailman/templates/vi/adminunsubscribeack.txt
+lib/mailman/templates/vi/approve.txt
+lib/mailman/templates/vi/bounce.txt
+lib/mailman/templates/vi/checkdbs.txt
+lib/mailman/templates/vi/convert.txt
+lib/mailman/templates/vi/cronpass.txt
+lib/mailman/templates/vi/disabled.txt
+lib/mailman/templates/vi/help.txt
+lib/mailman/templates/vi/invite.txt
+lib/mailman/templates/vi/masthead.txt
+lib/mailman/templates/vi/newlist.txt
+lib/mailman/templates/vi/nomoretoday.txt
+lib/mailman/templates/vi/postack.txt
+lib/mailman/templates/vi/postauth.txt
+lib/mailman/templates/vi/postheld.txt
+lib/mailman/templates/vi/probe.txt
+lib/mailman/templates/vi/refuse.txt
+lib/mailman/templates/vi/subauth.txt
+lib/mailman/templates/vi/subscribeack.txt
+lib/mailman/templates/vi/unsub.txt
+lib/mailman/templates/vi/unsubauth.txt
+lib/mailman/templates/vi/userpass.txt
+lib/mailman/templates/vi/verify.txt
lib/mailman/templates/zh_CN/admindbdetails.html
lib/mailman/templates/zh_CN/admindbpreamble.html
lib/mailman/templates/zh_CN/admindbsummary.html
@@ -1979,6 +2081,7 @@ share/examples/rc.d/mailman
@dirrm lib/mailman/tests
@dirrm lib/mailman/templates/zh_TW
@dirrm lib/mailman/templates/zh_CN
+@dirrm lib/mailman/templates/vi
@dirrm lib/mailman/templates/uk
@dirrm lib/mailman/templates/tr
@dirrm lib/mailman/templates/sv
@@ -2008,6 +2111,7 @@ share/examples/rc.d/mailman
@dirrm lib/mailman/templates/da
@dirrm lib/mailman/templates/cs
@dirrm lib/mailman/templates/ca
+@dirrm lib/mailman/templates/ar
@dirrm lib/mailman/templates
@dirrm lib/mailman/support
@dirrm lib/mailman/scripts
@@ -2029,6 +2133,8 @@ share/examples/rc.d/mailman
@dirrm lib/mailman/messages/zh_TW
@dirrm lib/mailman/messages/zh_CN/LC_MESSAGES
@dirrm lib/mailman/messages/zh_CN
+@dirrm lib/mailman/messages/vi/LC_MESSAGES
+@dirrm lib/mailman/messages/vi
@dirrm lib/mailman/messages/uk/LC_MESSAGES
@dirrm lib/mailman/messages/uk
@dirrm lib/mailman/messages/tr/LC_MESSAGES
@@ -2085,6 +2191,8 @@ share/examples/rc.d/mailman
@dirrm lib/mailman/messages/cs
@dirrm lib/mailman/messages/ca/LC_MESSAGES
@dirrm lib/mailman/messages/ca
+@dirrm lib/mailman/messages/ar/LC_MESSAGES
+@dirrm lib/mailman/messages/ar
@dirrm lib/mailman/messages
@dirrm lib/mailman/mail
@dirrm lib/mailman/icons
diff --git a/mail/mailman/distinfo b/mail/mailman/distinfo
index 8e3a5339417..2b5ad866158 100644
--- a/mail/mailman/distinfo
+++ b/mail/mailman/distinfo
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.12 2006/06/14 14:31:35 tv Exp $
+$NetBSD: distinfo,v 1.13 2006/09/09 23:20:11 bouyer Exp $
-SHA1 (mailman-2.1.8.tgz) = 4ff71bc2a02f9ac06dada71d4c5b3208c0959aa2
-RMD160 (mailman-2.1.8.tgz) = ee697e25b3c9407fa032d482dc4b597b281367fa
-Size (mailman-2.1.8.tgz) = 6856039 bytes
+SHA1 (mailman-2.1.9rc1.tgz) = 4370a107991d88b497dfa6722b97945274718f7f
+RMD160 (mailman-2.1.9rc1.tgz) = c8f6d61fbb500ec073049c5951d3482ed91cbb44
+Size (mailman-2.1.9rc1.tgz) = 7851444 bytes
SHA1 (patch-aa) = f0bc550b28794008ea840a88a5b0053578f3ae0f
SHA1 (patch-ab) = 39f6294e53110bd1fd09b1e90ab46820f4d48e3f
SHA1 (patch-ad) = 665884b9dd1789e4abd430c762bdbfd707d48d30