[Mailman-Developers] .lower() for older pythons

[Matt_Domsch@Dell.com]

> I' released Mailman 2.0.12 which fixes a cross-site scripting
> vulnerability, among other changes.  I recommend that folks upgrade
> their 2.0.x systems to this new version.  See below for a NEWS file
> excerpt.

Thanks for this update.  I've run across one problem.  In
Mailman/MailCommandHandler.py, ParseMailCommands function:

+        precedence = msg.get('precedence', '').lower()
+        ack = msg.get('x-ack', '').lower()

With my python (1.5.2-30 as in Red Hat Linux 7.1), this generates lots of
errors in mailman/logs/error:

Jul 11 15:30:00 2002 qrunner(17873): Traceback (innermost last):
Jul 11 15:30:00 2002 qrunner(17873):   File "/home/mailman/cron/qrunner",
line 283, in ?
Jul 11 15:30:00 2002 qrunner(17873):      kids = main(lock)
Jul 11 15:30:00 2002 qrunner(17873):   File "/home/mailman/cron/qrunner",
line 253, in main
Jul 11 15:30:00 2002 qrunner(17873):      keepqueued =
dispose_message(mlist, msg, msgdata)
Jul 11 15:30:00 2002 qrunner(17873):   File "/home/mailman/cron/qrunner",
line 157, in dispose_message
Jul 11 15:30:00 2002 qrunner(17873):      mlist.ParseMailCommands(msg)
Jul 11 15:30:00 2002 qrunner(17873):   File
"/home/mailman/Mailman/MailCommandHandler.py", line 123, in
ParseMailCommands
Jul 11 15:30:00 2002 qrunner(17873):      precedence = msg.get('precedence',
'').lower()
Jul 11 15:30:00 2002 qrunner(17873): AttributeError :  'string' object has
no attribute 'lower'

I believe the proper fix is:

+        precedence = string.lower(msg.get('precedence', ''))
+        ack = string.lower(msg.get('x-ack', ''))

instead.  With this, it works and doesn't generate those errors.  I'm not on
mailman-developers, so please cc me on any replies.

Thanks,
Matt

--
Matt Domsch
Sr. Software Engineer, Lead Engineer, Architect
Dell Linux Solutions www.dell.com/linux
Linux on Dell mailing lists @ http://lists.us.dell.com
#1 US Linux Server provider for 2001 and Q1/2002! (IDC May 2002)