From barry at python.org  Mon Dec 22 11:49:58 2003
From: barry at python.org (Barry Warsaw)
Date: Mon Dec 22 11:50:05 2003
Subject: [Mailman-Announce] SourceForge donations for the GNU Mailman project
Message-ID: <1072111797.18828.117.camel@anthem>

SourceForge recently instituted a donation system for projects and
users, whereby you can donate some money to a PayPal account to show
your appreciation for the free and open source projects you use. 
Donations to projects require opt-in from all the project's admins.

Jeremy and I have both opted-in to the donation system for the GNU
Mailman project.  I have set the donations email address to the Python
Software Foundation's PayPal account.  This needn't be set in stone, but
we had to pick an address to turn this on and the PSF seemed like a
reasonable choice.  Note that the Python project is accepting donations
for the PSF as well.

GNU Mailman remains free, in both the monetary and liberty senses of the
word.  I personally feel that the good will, help to others, insights,
patches, bug fixes, and general good community that you already donate
is enough reward.  If you feel like making a monetary contribution as
well, please know that the PSF is a US public charity under section
501(c)(3) of the IRS code.  See

	http://www.python.org/psf

for details.

If you have comments or feedback about our choice for the recipient of
donations, or about whether we should be taking donations at all, please
email me directly.

Cheers, and happy holidays,
-Barry



From barry at python.org  Wed Dec 31 13:21:50 2003
From: barry at python.org (Barry A. Warsaw)
Date: Wed Dec 31 13:21:57 2003
Subject: [Mailman-Announce] RELEASED Mailman 2.1.4
Message-ID: <16371.5054.109107.157603@gargle.gargle.HOWL>


I have released Mailman 2.1.4, a bug fix release that also contains
support for four new languages: Catalan, Croatian, Romanian, and
Slovenian.  This release also contains a fix for a cross-site
scripting vulnerability in the 'admin' cgi script (see
CAN-2003-0965).  There is also an expanded ability to filter message
headers, nominally to provide better support when Mailman is used in
conjunction with upstream spam and virus filters.

The full source tarball has been made available from the usual sites.
Sorry, there is no patch available yet, but you should be able to
install Mailman 2.1.4 over your existing 2.1.x installation.  See

    http://sourceforge.net/project/showfiles.php?group_id=103

for links to the downloadable files.  After installing, be sure you
restart your Mailman daemon by doing a "mailmanctl restart".

IMPORTANT: You will want to re-run configure before doing a make install.

See also:

    http://www.list.org
    http://mailman.sf.net
    http://www.gnu.org/software/mailman

Enjoy, and have a Happy New Year.
-Barry

-------------------- snip snip --------------------
2.1.4 (31-Dec-2003)

    - Close some cross-site scripting vulnerabilities in the admin pages
      (CAN-2003-0965).

    - New languages: Catalan, Croatian, Romanian, Slovenian.

    - New mm_cfg.py/Defaults.py variable PUBLIC_MBOX which allows the site
      administrator to disable public access to all the raw list mbox files
      (this is not a per-list configuration).

    - Expanded header filter rules under Privacy -> Spam Filters.  Now you can
      specify regular expression matches against any header, with specific
      actions tied to those matches.

    - Rework the SMTP error handling in SMTPDirect.py to avoid scoring bounces
      for all recipients when a permanent error code is returned by the mail
      server (e.g. because of content restrictions).

    - Promoted SYNC_AFTER_WRITE to a Default.py/mm_cfg.py variable and
      make it control syncing on the config.pck file.  Also, we always flush
      and sync message files.

    - Reduce archive bloat by not storing the HTML body of Article objects in
      the Pipermail database.  A new script bin/rb-archfix was added to clean
      up older archives.

    - Proper RFC quoting for List-ID descriptions.

    - PKGDIR can be passed to the make command in order to specify a different
      directory to unpack the distutils packages in misc.  (SF bug 784700).

    - Improved logging of the origin of subscription requests.

    - Bugs and patches: 832748 (unsubscribe_policy ignored for unsub button on
      member login page), 846681 (bounce disabled cookie was always out of
      date), 835870 (check VIRTUAL_HOST_OVERVIEW on through the web list
      creation), 835036 (global address change when the new address is already
      a member of one of the lists), 833384 (incorrect admin password on a
      hold message confirmation attachment would discard the message), 835012
      (fix permission on empty archive index), 816410 (confirmation page
      consistency), 834486 (catch empty charsets in the scrubber), 777444 (set
      the process's supplemental groups if possible), 860135 (ignore
      DiscardMessage exceptions during digest scrubbing), 828811 (reduce
      process size for list and admin overviews), 864674/864676 (problems
      accessing private archives and rosters with admin password), 865661
      (Tokio Kikuchi's i18n patches), 862906 (unicode prefix leak in admindb),
      841445 (setting new_member_options via config_list), n/a (fixed email
      command 'set delivery')