On Tue 2013.10.22 at 12:50 -0400, Okan Demirmen wrote: > Update to 2.1.16.
and for others running mailman lists, the new subscribe form option has prevented at least 40k+ bot-initiated subscription requests for us in the past few days. > OK/comments? > > Thanks, > Okan > > Index: Makefile > =================================================================== > RCS file: /home/open/cvs/ports/mail/mailman/Makefile,v > retrieving revision 1.76 > diff -u -p -r1.76 Makefile > --- Makefile 11 Mar 2013 11:23:51 -0000 1.76 > +++ Makefile 21 Oct 2013 11:58:48 -0000 > @@ -2,8 +2,7 @@ > > COMMENT= mailing list manager with web interface > > -DISTNAME= mailman-2.1.14 > -REVISION= 17 > +DISTNAME= mailman-2.1.16 > CATEGORIES= mail www > > HOMEPAGE= http://www.gnu.org/software/mailman/ > Index: distinfo > =================================================================== > RCS file: /home/open/cvs/ports/mail/mailman/distinfo,v > retrieving revision 1.20 > diff -u -p -r1.20 distinfo > --- distinfo 21 Sep 2010 07:21:00 -0000 1.20 > +++ distinfo 21 Oct 2013 11:59:08 -0000 > @@ -1,5 +1,2 @@ > -MD5 (mailman-2.1.14.tgz) = nqFjhxzsy9M/7kyeM1/Pew== > -RMD160 (mailman-2.1.14.tgz) = o21AO5wA5TVLIEtitfDparB3kYY= > -SHA1 (mailman-2.1.14.tgz) = yS3hpe4tiwyD0pg2s1vUIhFslvQ= > -SHA256 (mailman-2.1.14.tgz) = HWvoArcYY5EmxAaet/nNOjR3ZeHLGZzDuxTXFXLQlSM= > -SIZE (mailman-2.1.14.tgz) = 8201150 > +SHA256 (mailman-2.1.16.tgz) = XRUrBpM49bgUIi+YHDibBQ9cFDoRzPh5bPOA6CS2T2M= > +SIZE (mailman-2.1.16.tgz) = 9009817 > Index: patches/patch-Mailman_Cgi_confirm_py > =================================================================== > RCS file: patches/patch-Mailman_Cgi_confirm_py > diff -N patches/patch-Mailman_Cgi_confirm_py > --- patches/patch-Mailman_Cgi_confirm_py 3 Mar 2011 09:50:11 -0000 > 1.1 > +++ /dev/null 1 Jan 1970 00:00:00 -0000 > @@ -1,37 +0,0 @@ > -$OpenBSD: patch-Mailman_Cgi_confirm_py,v 1.1 2011/03/03 09:50:11 jasper Exp $ > - > -Security fix for CVE-2011-0707. > -Mailman "Full Name" Script Insertion Vulnerabilities. > - > -Patch from upstream announcement: > -http://mail.python.org/pipermail/mailman-announce/2011-February/000158.html > - > ---- Mailman/Cgi/confirm.py.orig Mon Sep 20 20:18:27 2010 > -+++ Mailman/Cgi/confirm.py Thu Mar 3 10:47:51 2011 > -@@ -471,7 +471,7 @@ def unsubscription_prompt(mlist, doc, cookie, addr): > - if fullname is None: > - fullname = _('<em>Not available</em>') > - else: > -- fullname = Utils.uncanonstr(fullname, lang) > -+ fullname = Utils.websafe(Utils.uncanonstr(fullname, lang)) > - table.AddRow([_("""Your confirmation is required in order to complete > the > - unsubscription request from the mailing list <em>%(listname)s</em>. You > - are currently subscribed with > -@@ -573,7 +573,7 @@ def addrchange_prompt(mlist, doc, cookie, oldaddr, new > - if fullname is None: > - fullname = _('<em>Not available</em>') > - else: > -- fullname = Utils.uncanonstr(fullname, lang) > -+ fullname = Utils.websafe(Utils.uncanonstr(fullname, lang)) > - if globally: > - globallys = _('globally') > - else: > -@@ -814,7 +814,7 @@ def reenable_prompt(mlist, doc, cookie, list, member): > - if username is None: > - username = _('<em>not available</em>') > - else: > -- username = Utils.uncanonstr(username, lang) > -+ username = Utils.websafe(Utils.uncanonstr(username, lang)) > - > - table.AddRow([_("""Your membership in the %(realname)s mailing list is > - currently disabled due to excessive bounces. Your confirmation is > Index: patches/patch-Mailman_Defaults_py_in > =================================================================== > RCS file: > /home/open/cvs/ports/mail/mailman/patches/patch-Mailman_Defaults_py_in,v > retrieving revision 1.11 > diff -u -p -r1.11 patch-Mailman_Defaults_py_in > --- patches/patch-Mailman_Defaults_py_in 21 Sep 2010 07:21:00 -0000 > 1.11 > +++ patches/patch-Mailman_Defaults_py_in 21 Oct 2013 12:00:18 -0000 > @@ -1,7 +1,7 @@ > $OpenBSD: patch-Mailman_Defaults_py_in,v 1.11 2010/09/21 07:21:00 jasper Exp > $ > ---- Mailman/Defaults.py.in.orig Mon Sep 20 20:18:27 2010 > -+++ Mailman/Defaults.py.in Mon Sep 20 23:34:59 2010 > -@@ -458,7 +458,22 @@ SMTPPORT = 0 # de > +--- Mailman/Defaults.py.in.orig Thu Oct 17 00:11:34 2013 > ++++ Mailman/Defaults.py.in Mon Oct 21 08:00:02 2013 > +@@ -521,7 +521,22 @@ SMTPPORT = 0 # de > > # Command for direct command pipe delivery to sendmail compatible program, > # when DELIVERY_MODULE is 'Sendmail'. > Index: patches/patch-Mailman_htmlformat_py > =================================================================== > RCS file: > /home/open/cvs/ports/mail/mailman/patches/patch-Mailman_htmlformat_py,v > retrieving revision 1.5 > diff -u -p -r1.5 patch-Mailman_htmlformat_py > --- patches/patch-Mailman_htmlformat_py 2 May 2009 09:56:44 -0000 > 1.5 > +++ patches/patch-Mailman_htmlformat_py 21 Oct 2013 12:00:22 -0000 > @@ -1,7 +1,7 @@ > $OpenBSD: patch-Mailman_htmlformat_py,v 1.5 2009/05/02 09:56:44 djm Exp $ > ---- Mailman/htmlformat.py.orig Tue Feb 24 08:23:35 2009 > -+++ Mailman/htmlformat.py Sat Apr 25 12:00:26 2009 > -@@ -612,12 +612,14 @@ class DefinitionList(Container): > +--- Mailman/htmlformat.py.orig Thu Oct 17 00:11:34 2013 > ++++ Mailman/htmlformat.py Mon Oct 21 08:00:02 2013 > +@@ -621,12 +621,14 @@ class DefinitionList(Container): > from mm_cfg import MAILMAN_URL > PYTHON_URL = 'http://www.python.org/' > GNU_URL = 'http://www.gnu.org/' > @@ -16,7 +16,7 @@ $OpenBSD: patch-Mailman_htmlformat_py,v > > > def MailmanLogo(): > -@@ -631,7 +633,9 @@ def MailmanLogo(): > +@@ -640,7 +642,9 @@ def MailmanLogo(): > logo(PYTHON_POWERED) > gnulink = '<img src="%s" alt="GNU\'s Not Unix" border=0>' % \ > logo(GNU_HEAD) > @@ -27,7 +27,7 @@ $OpenBSD: patch-Mailman_htmlformat_py,v > else: > # use only textual links > version = mm_cfg.VERSION > -@@ -639,7 +643,8 @@ def MailmanLogo(): > +@@ -648,7 +652,8 @@ def MailmanLogo(): > _('Delivered by Mailman<br>version %(version)s')) > pylink = Link(PYTHON_URL, _('Python Powered')) > gnulink = Link(GNU_URL, _("Gnu's Not Unix")) > Index: patches/patch-misc_Makefile_in > =================================================================== > RCS file: /home/open/cvs/ports/mail/mailman/patches/patch-misc_Makefile_in,v > retrieving revision 1.6 > diff -u -p -r1.6 patch-misc_Makefile_in > --- patches/patch-misc_Makefile_in 2 May 2009 09:56:44 -0000 1.6 > +++ patches/patch-misc_Makefile_in 21 Oct 2013 12:00:26 -0000 > @@ -1,7 +1,7 @@ > $OpenBSD: patch-misc_Makefile_in,v 1.6 2009/05/02 09:56:44 djm Exp $ > ---- misc/Makefile.in.orig Tue Feb 24 08:23:35 2009 > -+++ misc/Makefile.in Sat Apr 25 12:00:40 2009 > -@@ -74,6 +74,10 @@ ICONS= $(srcdir)/*.jpg $(srcdir)/*.png > +--- misc/Makefile.in.orig Thu Oct 17 00:11:34 2013 > ++++ misc/Makefile.in Mon Oct 21 08:00:02 2013 > +@@ -74,6 +74,10 @@ ICONS= $(srcdir)/*.jpg $(srcdir)/*.png > $(srcdir)/*.ic > # Rules > > all: > Index: pkg/PLIST > =================================================================== > RCS file: /home/open/cvs/ports/mail/mailman/pkg/PLIST,v > retrieving revision 1.23 > diff -u -p -r1.23 PLIST > --- pkg/PLIST 16 Feb 2012 22:27:56 -0000 1.23 > +++ pkg/PLIST 21 Oct 2013 12:08:27 -0000 > @@ -66,6 +66,8 @@ lib/mailman/Mailman/Bouncers/Yale.py > lib/mailman/Mailman/Bouncers/Yale.pyc > lib/mailman/Mailman/Bouncers/__init__.py > lib/mailman/Mailman/Bouncers/__init__.pyc > +lib/mailman/Mailman/CSRFcheck.py > +lib/mailman/Mailman/CSRFcheck.pyc > @mode 775 > lib/mailman/Mailman/Cgi/ > @mode > @@ -228,6 +230,8 @@ lib/mailman/Mailman/Handlers/ToOutgoing. > lib/mailman/Mailman/Handlers/ToOutgoing.pyc > lib/mailman/Mailman/Handlers/ToUsenet.py > lib/mailman/Mailman/Handlers/ToUsenet.pyc > +lib/mailman/Mailman/Handlers/WrapMessage.py > +lib/mailman/Mailman/Handlers/WrapMessage.pyc > lib/mailman/Mailman/Handlers/__init__.py > lib/mailman/Mailman/Handlers/__init__.pyc > lib/mailman/Mailman/ListAdmin.py > @@ -406,6 +410,8 @@ lib/mailman/icons/PythonPowered.png > lib/mailman/icons/gnu-head-tiny.jpg > lib/mailman/icons/mailman-large.jpg > lib/mailman/icons/mailman.jpg > +lib/mailman/icons/mm-icon-large.ico > +lib/mailman/icons/mm-icon.ico > lib/mailman/icons/mm-icon.png > @mode 775 > lib/mailman/mail/ > @@ -447,6 +453,10 @@ lib/mailman/messages/de/LC_MESSAGES/ > lib/mailman/messages/de/LC_MESSAGES/mailman.mo > lib/mailman/messages/de/LC_MESSAGES/mailman.po > lib/mailman/messages/de/README.de > +lib/mailman/messages/el/ > +lib/mailman/messages/el/LC_MESSAGES/ > +lib/mailman/messages/el/LC_MESSAGES/mailman.mo > +lib/mailman/messages/el/LC_MESSAGES/mailman.po > @mode 775 > lib/mailman/messages/es/ > lib/mailman/messages/es/LC_MESSAGES/ > @@ -467,6 +477,10 @@ lib/mailman/messages/eu/LC_MESSAGES/ > lib/mailman/messages/eu/LC_MESSAGES/mailman.mo > lib/mailman/messages/eu/LC_MESSAGES/mailman.po > lib/mailman/messages/eu/README.eu > +lib/mailman/messages/fa/ > +lib/mailman/messages/fa/LC_MESSAGES/ > +lib/mailman/messages/fa/LC_MESSAGES/mailman.mo > +lib/mailman/messages/fa/LC_MESSAGES/mailman.po > @mode 775 > lib/mailman/messages/fi/ > lib/mailman/messages/fi/LC_MESSAGES/ > @@ -894,31 +908,88 @@ lib/mailman/templates/de/adminsubscribea > lib/mailman/templates/de/adminunsubscribeack.txt > lib/mailman/templates/de/admlogin.html > lib/mailman/templates/de/approve.txt > +lib/mailman/templates/de/archidxentry.html > +lib/mailman/templates/de/archidxfoot.html > +lib/mailman/templates/de/archidxhead.html > +lib/mailman/templates/de/archlistend.html > +lib/mailman/templates/de/archliststart.html > +lib/mailman/templates/de/archtoc.html > +lib/mailman/templates/de/archtocentry.html > +lib/mailman/templates/de/archtocnombox.html > lib/mailman/templates/de/article.html > lib/mailman/templates/de/bounce.txt > lib/mailman/templates/de/checkdbs.txt > lib/mailman/templates/de/convert.txt > lib/mailman/templates/de/cronpass.txt > lib/mailman/templates/de/disabled.txt > +lib/mailman/templates/de/emptyarchive.html > lib/mailman/templates/de/headfoot.html > lib/mailman/templates/de/help.txt > lib/mailman/templates/de/invite.txt > lib/mailman/templates/de/listinfo.html > lib/mailman/templates/de/masthead.txt > lib/mailman/templates/de/newlist.txt > +lib/mailman/templates/de/nomoretoday.txt > lib/mailman/templates/de/options.html > lib/mailman/templates/de/postack.txt > lib/mailman/templates/de/postauth.txt > lib/mailman/templates/de/postheld.txt > lib/mailman/templates/de/private.html > +lib/mailman/templates/de/probe.txt > lib/mailman/templates/de/refuse.txt > lib/mailman/templates/de/roster.html > lib/mailman/templates/de/subauth.txt > lib/mailman/templates/de/subscribe.html > lib/mailman/templates/de/subscribeack.txt > lib/mailman/templates/de/unsub.txt > +lib/mailman/templates/de/unsubauth.txt > lib/mailman/templates/de/userpass.txt > lib/mailman/templates/de/verify.txt > +lib/mailman/templates/el/ > +lib/mailman/templates/el/admindbdetails.html > +lib/mailman/templates/el/admindbpreamble.html > +lib/mailman/templates/el/admindbsummary.html > +lib/mailman/templates/el/adminsubscribeack.txt > +lib/mailman/templates/el/adminunsubscribeack.txt > +lib/mailman/templates/el/admlogin.html > +lib/mailman/templates/el/approve.txt > +lib/mailman/templates/el/archidxentry.html > +lib/mailman/templates/el/archidxfoot.html > +lib/mailman/templates/el/archidxhead.html > +lib/mailman/templates/el/archlistend.html > +lib/mailman/templates/el/archliststart.html > +lib/mailman/templates/el/archtoc.html > +lib/mailman/templates/el/archtocentry.html > +lib/mailman/templates/el/archtocnombox.html > +lib/mailman/templates/el/article.html > +lib/mailman/templates/el/bounce.txt > +lib/mailman/templates/el/checkdbs.txt > +lib/mailman/templates/el/convert.txt > +lib/mailman/templates/el/cronpass.txt > +lib/mailman/templates/el/disabled.txt > +lib/mailman/templates/el/emptyarchive.html > +lib/mailman/templates/el/headfoot.html > +lib/mailman/templates/el/help.txt > +lib/mailman/templates/el/invite.txt > +lib/mailman/templates/el/listinfo.html > +lib/mailman/templates/el/masthead.txt > +lib/mailman/templates/el/newlist.txt > +lib/mailman/templates/el/nomoretoday.txt > +lib/mailman/templates/el/options.html > +lib/mailman/templates/el/postack.txt > +lib/mailman/templates/el/postauth.txt > +lib/mailman/templates/el/postheld.txt > +lib/mailman/templates/el/private.html > +lib/mailman/templates/el/probe.txt > +lib/mailman/templates/el/refuse.txt > +lib/mailman/templates/el/roster.html > +lib/mailman/templates/el/subauth.txt > +lib/mailman/templates/el/subscribe.html > +lib/mailman/templates/el/subscribeack.txt > +lib/mailman/templates/el/unsub.txt > +lib/mailman/templates/el/unsubauth.txt > +lib/mailman/templates/el/userpass.txt > +lib/mailman/templates/el/verify.txt > @mode 775 > lib/mailman/templates/en/ > @mode > @@ -1097,6 +1168,45 @@ lib/mailman/templates/eu/unsubauth.txt > lib/mailman/templates/eu/userpass.txt > lib/mailman/templates/eu/verify.txt > @mode 775 > +lib/mailman/templates/fa/ > +@mode > +lib/mailman/templates/fa/adminsubscribeack.txt > +lib/mailman/templates/fa/adminunsubscribeack.txt > +lib/mailman/templates/fa/admlogin.html > +lib/mailman/templates/fa/approve.txt > +lib/mailman/templates/fa/archidxfoot.html > +lib/mailman/templates/fa/archidxhead.html > +lib/mailman/templates/fa/archliststart.html > +lib/mailman/templates/fa/archtoc.html > +lib/mailman/templates/fa/archtocentry.html > +lib/mailman/templates/fa/archtocnombox.html > +lib/mailman/templates/fa/article.html > +lib/mailman/templates/fa/bounce.txt > +lib/mailman/templates/fa/checkdbs.txt > +lib/mailman/templates/fa/convert.txt > +lib/mailman/templates/fa/cronpass.txt > +lib/mailman/templates/fa/disabled.txt > +lib/mailman/templates/fa/emptyarchive.html > +lib/mailman/templates/fa/help.txt > +lib/mailman/templates/fa/invite.txt > +lib/mailman/templates/fa/listinfo.html > +lib/mailman/templates/fa/masthead.txt > +lib/mailman/templates/fa/nomoretoday.txt > +lib/mailman/templates/fa/options.html > +lib/mailman/templates/fa/postack.txt > +lib/mailman/templates/fa/postauth.txt > +lib/mailman/templates/fa/postheld.txt > +lib/mailman/templates/fa/private.html > +lib/mailman/templates/fa/refuse.txt > +lib/mailman/templates/fa/roster.html > +lib/mailman/templates/fa/subauth.txt > +lib/mailman/templates/fa/subscribe.html > +lib/mailman/templates/fa/subscribeack.txt > +lib/mailman/templates/fa/unsub.txt > +lib/mailman/templates/fa/unsubauth.txt > +lib/mailman/templates/fa/userpass.txt > +lib/mailman/templates/fa/verify.txt > +@mode 775 > lib/mailman/templates/fi/ > @mode > lib/mailman/templates/fi/admindbdetails.html > @@ -2349,6 +2459,8 @@ lib/mailman/tests/bounces/qmail_03.txt > lib/mailman/tests/bounces/qmail_04.txt > lib/mailman/tests/bounces/qmail_05.txt > lib/mailman/tests/bounces/qmail_06.txt > +lib/mailman/tests/bounces/qmail_07.txt > +lib/mailman/tests/bounces/qmail_08.txt > lib/mailman/tests/bounces/sendmail_01.txt > lib/mailman/tests/bounces/simple_01.txt > lib/mailman/tests/bounces/simple_02.txt > @@ -2387,6 +2499,8 @@ lib/mailman/tests/bounces/simple_34.txt > lib/mailman/tests/bounces/simple_35.txt > lib/mailman/tests/bounces/simple_36.txt > lib/mailman/tests/bounces/simple_37.txt > +lib/mailman/tests/bounces/simple_38.txt > +lib/mailman/tests/bounces/simple_39.txt > lib/mailman/tests/bounces/sina_01.txt > lib/mailman/tests/bounces/smtp32_01.txt > lib/mailman/tests/bounces/smtp32_02.txt > @@ -2405,6 +2519,7 @@ lib/mailman/tests/bounces/yahoo_07.txt > lib/mailman/tests/bounces/yahoo_08.txt > lib/mailman/tests/bounces/yahoo_09.txt > lib/mailman/tests/bounces/yahoo_10.txt > +lib/mailman/tests/bounces/yahoo_11.txt > lib/mailman/tests/bounces/yale_01.txt > lib/mailman/tests/fblast.py > @mode 775
