[Mailman-Users] Everything is an attachment

[Todd Zullinger]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mark Sapiro wrote:
> As far as it being worth it to upgrade to 2.1.6, there are a few
> security issues in 2.1.5 that are fixed in 2.1.6, so yes, I think
> it's worth it, but I would suggest trying to go all the way to 2.1.8
> if possible. But none of this will change the header/footer issue
> for mail with attachments that go to the list.

FWIW, the Red Hat packages should have all of the security holes
backported, so users of those packages should need to upgrade just to
be secure.  I don't run any RHEL systems though, so I can't say that
I've looked over the packages carefully (and even if I had, not many
people have a reason to take my word for the security issues being
fixed :).

I'd still agree that anyone running mailman in production should look
into updating their installations to get the improvements that have
come along since 2.1.5.

- -- 
Todd        OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
======================================================================
Truth is like a well-known whore.  Everybody knows her but it's
embarrassing to meet her in the street.
    -- Wolfgang Borchert

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.

iG0EARECAC0FAkRrqE4mGGh0dHA6Ly93d3cucG9ib3guY29tL350bXovcGdwL3Rt
ei5hc2MACgkQuv+09NZUB1oKGACcCYQxpcGrMNccSJq+YBLGiJLQbogAoLEnVVnw
FtvxACpc2ANCm7s54PSp
=dvGg
-----END PGP SIGNATURE-----