------------------------------------------------------------
revno: 1783
committer: Mark Sapiro <[email protected]>
branch nick: 2.1
timestamp: Fri 2018-06-22 08:41:29 -0700
message:
Preparing 2.1.27 release.
modified:
NEWS
--
lp:mailman/2.1
https://code.launchpad.net/~mailman-coders/mailman/2.1
Your team Mailman Checkins is subscribed to branch lp:mailman/2.1.
To unsubscribe from this branch go to
https://code.launchpad.net/~mailman-coders/mailman/2.1/+edit-subscription
=== modified file 'NEWS'
--- NEWS 2018-06-22 15:36:36 +0000
+++ NEWS 2018-06-22 15:41:29 +0000
@@ -5,14 +5,16 @@
Here is a history of user visible changes to Mailman.
-2.1.27 (xx-xxx-xxxx)
+2.1.27 (22-Jun-2018)
Security
- Existing protections against malicious listowners injecting evil
scripts into listinfo pages have had a few more checks added.
+ JVN#00846677/JPCERT#97432283
- A few more error messages have had their values HTML escaped.
+ JVN#00846677/JPCERT#97432283
- The hash generated when SUBSCRIBE_FORM_SECRET is set could have been
the same as one generated at the same time for a different list and
_______________________________________________
Mailman-checkins mailing list
[email protected]
Unsubscribe:
https://mail.python.org/mailman/options/mailman-checkins/archive%40jab.org
