Subject: CVS commit: pkgsrc/mail/mailman
From: Filip Hajny
Date: 2015-09-02 23:04:18
Message id: 20150902210418.B370298@cvs.netbsd.org

Log Message:
Updated mail/mailman to 2.1.20.

Removed PKG_DESTDIR_SUPPORT=destdir, no longer needed since 2011.

2.1.20 (31-Mar-2015)
- A path traversal vulnerability has been discovered and fixed (CVE-2015-2775)
- There is a new Address Change sub-section in the web admin
  Membership Management section
- The Russian translation has been updated by Danil Smirnov.
- The Polish translation has been updated by Stefan Plewako.
- A LookupError in SpamDetect on a message with RFC 2047 encoded headers
  in an unknown character set is fixed.
- Fixed a bug in CommandRunner that could process the second word of a
  body line as a command word and a case sensitivity in commands in
  Subject: with an Re: prefix.
- Fixed a bug in CommandRunner that threw an uncaught KeyError if
  the input to the list-request address contained a command word
  terminated by a period.
- Changed the response to an invalid confirmation to be more generic.
  Not all confirmations are subscription requests.
- Changed the default nonmember_rejection_notice to be more user friendly.
- Added "If you are a list member" qualification to some messages from the
  options login page.
- Changed the 'Approve' wording in the admindbdetails.html template to
  'Accept/Approve' for better agreement with the button labels.
- Added '(by thread)' to the previous and next message links in the
  archive to emphasize that even if you got to the message from a
  subject, date or author index, previous and next are still by thread.

2.1.19 (28-Feb-2015)
- The subscribe_auto_approval feature backported from the 2.2 branch and
  described above has been enhanced to accept entries of the form
  @listname to auto approve members of another list.
- There is a new list attribute dmarc_wrapped_message_text and a
  DEFAULT_DMARC_WRAPPED_MESSAGE_TEXT setting to set the default for new
  lists.  This text is added to a message which is wrapped because of
  dmarc_moderation_action in a separate text/plain part that precedes the
  message/rfc822 part containing the original message.  It can be used to
  provide an explanation of why the message was wrapped or similar info.
- There is a new list attribute equivalent_domains and a
  DEFAULT_EQUIVALENT_DOMAINS setting to set the default for new lists which
  in turn defaults to the empty string.  This provides a way to specify one
  or more groups of domains, e.g., mac.com, me.com, icloud.com, which are
  considered equivalent for validating list membership for posting and
  moderation purposes.
- There is a new WEB_HEAD_ADD setting to specify text to be added to the
  <HEAD> section of Mailman's internally generated web pages.  This doesn't
  apply to pages built from templates, but in those cases, custom templates
  can be created.
- There is a new DEFAULT_SUBSCRIBE_OR_INVITE setting.  Set this to Yes
  to make the default selection on the admin Mass Subscriptions page
  Invite rather than Subscribe.
- There is a new list attribute in the Bounce processing section.
  bounce_notify_owner_on_bounce_increment if set to Yes will cause
  Mailman to notify the list owner on every bounce that increments a
  list member's score but doesn't result in a probe or disable.  There
  is a new configuration setting setting
  DEFAULT_BOUNCE_NOTIFY_OWNER_ON_BOUNCE_INCREMENT to set the default
  for new lists.  This in turn defaults to No.
- Mailman's log files, request.pck files and heldmsg-* files are no
  longer created world readable to protect against access by untrusted
  local users.  Note that permissions on existing log files won't be
  changed so if you are concerned about this and don't rotate logs or
  have a logrotate process that creates new log files instead of letting
  Mailman create them, you will need to address that.
- The Python Powered logo image has been replaced in the misc/ directory
  in the source distribution.  Depending on how you've installed these
  images, you may need to copy PythonPowered.png from the misc/ directory
  in the source or from the $prefix/icons/ installed directory to another
  location for your web server.
- The Polish translation has been updated by Stefan Plewako.
- The Interlingua translation has been updated by Martijn Dekker.
- The Japanese message catalog has been updated by SATOH Fumiyasu.
- Mailman's character set for Romanian has been changed from iso-8859-2
  to utf-8 and the templates and messages recoded.  This change will
  require running 'bin/arch --wipe' on any existing Romanian language
  lists in order to recode the list's archives, and will require recoding
  any edited templates in lists/LISTNAME/ro/*, templates/DOMAIN/ro/* and
  templates/site/ro/*.  It may also require recoding any existing
  iso-8859-2 text in list attributes.
- Mailman's character set for Russian has been changed from koi8-r to
  utf-8 and the templates and messages recoded.  This change will
  require running 'bin/arch --wipe' on any existing Russian language
  lists in order to recode the list's archives, and will require recoding
  any edited templates in lists/LISTNAME/ru/*, templates/DOMAIN/ru/* and
  templates/site/ru/*.  It may also require recoding any existing koi8-r
  text in list attributes.
- Mailman's versions.py has been augmented to help with the above two
  character set changes.  The first time a list with preferred_language
  of Romanian or Russian is accessed or upon upgrade to this release,
  any list attributes which have string values such as description, info,
  welcome_msg, etc. that appear to be in the old character set will be
  converted to utf-8.  This is done recursively for the values (but not
  the keys) of dictionary attributes and the elements of list and tuple
  attributes.
- The Russian message catalog and templates have been further updated by
  Danil Smirnov.
- The Romanian message catalog has been updated.
- The Russian templates have been updated by Danil Smirnov.
- The Japanese translation has been updated by SATOH Fumiyasu.
- A minor change in the French translation of a listinfo subscribe form
  message has been made.
- Because of privacy concerns with the 2.2 backport adding real name to
  list rosters, this is controlled by a new ROSTER_DISPLAY_REALNAME
  setting that defaults to No.  You may wish to set this to Yes in
  mm_cfg.py.
- Organization: headers are now unconditionally removed from posts to
  anonymous lists.  Regexps in ANONYMOUS_LIST_KEEP_HEADERS weren't kept
  if the regexp included the trailing ':'.  This is fixed too.
- The admindb interface has been fixed so the the detail message body
  display doesn't lose part of a multi-byte character, and characters which
  are invalid in the message's charset are replaced rather than the whole
  body not being converted to the display charset.
- Fixed a bug in bin/rmlist that would throw an exception or just fail to
  remove held message files for a list with regexp special characters in
  its name.
- When applying DMARC mitigations, CookHeaders now adds the original From:
  to Cc: rather than Reply-To: in some cases to make MUA 'reply' and
  'reply all' more consistent with the non-DMARC cases.
- The Subject: of the list welcome message wasn't always in the user's
  preferred language.  Fixed.
- Accept email command in Subject: prefixed with Re: or similar with no
  intervening space.
- Fixed a UnicodeDecodeError that could occur in the web admin interface
  if 'text' valued attributes have unicode values.
- We now catch the NotAMemberError exception thrown if an authenticated
  unsubscribe is submitted from the user options page for a nonmember.
- Fixed an archiving bug that would cause messages with 'Subject: Re:'
  only to be indexed in the archives without a link to the message.
- The vette log entry for a message discarded by a handler now includes
  the list name and the name of the handler.
- The options CGI now rejects all but HTTP GET and POST requests.
- A list's poster password will now be accepted on an Urgent: header.
- Fixed a bug which caused a setting of 2 for REMOVE_DKIM_HEADERS to be
  ignored.
- Renamed messages/sr/readme.sr to README.sr.
- Moved the dmarc_moderation_action checks from the Moderate handler to
  the SpamDetect handler so that the Reject and Discard actions will be
  done before the message might be held by header_filter_rules, and the
  Wrap Message and Munge From actions will be done on messages held by
  header_filter_rules if the message is approved.
- <label> tags have been added around most check boxes and radio buttons
  and their text labels in the admin and admindb web GUI so they can be
  (de)selected by clicking the text.
- If checking DNS for dmarc_moderation_action and DNS lookup is not
  available, log it.
- Handle missing From: header addresses for DMARC mitigation actions.

Files:
RevisionActionfile
1.75modifypkgsrc/mail/mailman/Makefile
1.25modifypkgsrc/mail/mailman/PLIST
1.23modifypkgsrc/mail/mailman/distinfo