---------------------------------------------------------------------Fedora Update Notification
FEDORA-2005-241
2005-03-22
---------------------------------------------------------------------Product     : Fedora Core 2
Name        : mailman
Version     : 2.1.5                      
Release     : 10.fc2                  
Summary     : Mailing list manager with built in Web access.
Description :
Mailman is software to help manage email discussion lists, much like
Majordomo and Smartmail. Unlike most similar products, Mailman gives
each mailing list a webpage, and allows users to subscribe,
unsubscribe, etc. over the Web. Even the list manager can administer
his or her list entirely from the Web. Mailman also integrates most
things people want to do with mailing lists, including archiving, mail
<-> news gateways, and so on.

Documentation can be found in: /usr/share/doc/mailman-2.1.5

When the package has finished installing, you will need to perform some
additional installation steps, these are described in:
/usr/share/doc/mailman-2.1.5/INSTALL.REDHAT

---------------------------------------------------------------------Update Information:

A cross-site scripting (XSS) flaw in the driver script of mailman
prior to version 2.1.5 could allow remote attackers to execute scripts
as other web users. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-1177 to this issue.

Users of mailman should update to this erratum package, which corrects
this issue by turning on STEALTH_MODE by default and using
Utils.websafe() to quote the html.

---------------------------------------------------------------------* Mon Mar 21 2005 John Dennis  - 3:2.1.5-10.fc2

- fix bug #147833, CAN-2004-1177

* Mon Feb 14 2005 John Dennis  - 3:2.1.5-9.fc2

- fix bug #147856, moderator -1 admin requests pending

* Tue Feb  8 2005 John Dennis  - 3:2.1.5-8.fc2

- fix security vulnerability CAN-2005-0202, errata RHSA-2005:136, bug #147343

* Wed Jun  9 2004 John Dennis  - 3:2.1.5-6

- fix bug in pre scriplet, last command had been "service mailman stop"
- bump rev for rebuild
  which should have been harmless if mailman was not installed except
  that it left the exit status from the script as non-zero and rpm
  aborted the install.

* Wed Jun  9 2004 John Dennis  - 3:2.1.5-5

- add status reporting to init.d control script
  stop mailman during an installation
  restart mailman if it had been running prior to installation

* Mon Jun  7 2004 John Dennis  - 3:2.1.5-4

- back python prereq down to 2.2, should be sufficient

* Thu May 20 2004 John Dennis  3:2.1.5-3

- make python prereq be at least 2.3

* Tue May 18 2004 Jeremy Katz  3:2.1.5-2

- rebuild

* Mon May 17 2004 John Dennis  3:2.1.5-1

- bring up to latest 2.1.5 upstream release
  From Barry Warsaw: Mailman 2.1.5, a bug fix release that also
  contains new support for the Turkish language, and a few minor new
  features. Mailman 2.1.5 is a significant upgrade which should
  improve disk i/o performance, administrative overhead for discarding
  held spams, and the behavior of bouncing member disables.  This
  version also contains a fix for an exploit that could allow 3rd
  parties to retrieve member passwords.  It is thus highly recommended
  that all existing sitesupgrade to the latest version

* Tue May  4 2004 Warren Togami  3:2.1.4-4

- #105638 fix bytecompile and rpm -V
- postun /etc/postfix/aliases fix
- clean uninstall (no more empty dirs)
- #115378 RedirectMatch syntax fix

* Fri Feb 13 2004 Elliot Lee 

- rebuilt

* Fri Jan  9 2004 John Dennis  3:2.1.4-1

- upgrade to new upstream release 2.1.4
- fixes bugs 106349,112851,105367,91463

* Wed Jun  4 2003 Elliot Lee 

- rebuilt

* Wed May  7 2003 John Dennis 

- bring up to next upstream release 2.1.2

* Sun May  4 2003 Florian La Roche 

- fix typo in post script: mmusr -> mmuser

* Thu Apr 24 2003 John Dennis 

- fix bug 72004, 74483, 74484, 87856 - improper log rotation
- fix bug 88083 - mailman user/group needed to exist during build
- fix bug 88144 - wrong %file attributes on mm_cfg.py
- fix bug 89221 - mailman user not created on install
- fix bug 89250 - wrong pid file name in initscript

* Wed Mar  5 2003 Florian La Roche 

- change to /etc/rc.d/init.d as in all other rpms

* Thu Feb 20 2003 John Dennis 

- change mailman login shell from /bin/false to /sbin/nologin

* Fri Feb 14 2003 John Dennis 

- bring package up to 2.1.1 release, add /usr/share/doc files

* Sat Feb  1 2003 Florian La Roche 

- make the icon dir owned by root:root as in other rpms

* Fri Jan 31 2003 John Dennis 

- various small tweaks to the spec file to make installation cleaner
- use /usr/bin/python when compiling, redirect compile output to /dev/null,
- don't run update in %post, let the user do it, remove the .pyc files in %postun,
- add setting of MAILHOST and URLHOST to localhost.localdomain, don't let
- configure set them to the build machine.

* Mon Jan 27 2003 John Dennis 

- add the cross site scripting (xss) security patch to version 2.1

* Fri Jan 24 2003 John Dennis 

- do not start mailman service in %post

* Wed Jan 22 2003 Tim Powers 

- rebuilt

* Mon Jan 20 2003 John Dennis 

- 1) remove config patch, mailmanctl was not the right file to install in init.d,
- it needed to be scripts/mailman
- 2) rename httpd-mailman.conf to mailman.conf, since the file now lives
- in httpd/conf.d directory the http prefix is redundant and inconsistent
- with the other file names in that directory.

* Tue Jan  7 2003 John Dennis 

- Bring package up to date with current upstream source, 2.1
- Fix several install/packaging problems that were in upstream source
- Add multiple mail group functionality
- Fix syntax error in fblast.py
- Remove the forced setting of mail host and url host in mm_cfg.py

* Tue Nov 12 2002 Tim Powers  2.0.13-4

- remove files from $$RPM_BUILD_ROOT that we don't intent to ship

* Wed Aug 14 2002 Nalin Dahyabhai  2.0.13-3

- set MAILHOST and WWWHOST in case the configure script can't figure out the
  local host name

* Fri Aug  2 2002 Nalin Dahyabhai  2.0.13-2

- rebuild

* Fri Aug  2 2002 Nalin Dahyabhai  2.0.13-1

- specify log files individually, per faq wizard
- update to 2.0.13

* Wed May 22 2002 Nalin Dahyabhai  2.0.11-1

- update to 2.0.11

* Fri Apr  5 2002 Nalin Dahyabhai  2.0.9-1

- include README.QMAIL in with the docs (#58887)
- include README.SENDMAIL and README.EXIM in with the docs
- use an included httpd.conf file instead of listing the configuration
  directives in the %description, which due to specspo magic might look
  wrong sometimes (part of #51324)
- interpolate the DEFAULT_HOST_NAME value in mm.cfg into both the DEFAULT_URL
  and MAILMAN_OWNER (#57987)
- move logs to /var/log/mailman, qfiles to /var/spool/mailman, rotate
  logs in the log directory (#48724)
- raise exceptions when someone tries to set the admin address for a list
  to that of the admin alias (#61468)

* Thu Apr  4 2002 Nalin Dahyabhai 

- fix a default permissions problem in /var/mailman/archives/private,
  reported by Johannes Erdfelt
- update to 2.0.9

* Tue Apr  2 2002 Nalin Dahyabhai 

- make the symlink in /etc/smrsh relative

* Tue Dec 11 2001 Nalin Dahyabhai  2.0.8-1

- set FQDN and URL at build-time so that they won't be set to the host the
  RPM package is built on (#59177)

* Wed Nov 28 2001 Nalin Dahyabhai 

- update to 2.0.8

* Sat Nov 17 2001 Florian La Roche  2.0.7-1

- update to 2.0.7

* Wed Jul 25 2001 Nalin Dahyabhai  2.0.6-1

- update to 2.0.6

* Mon Jun 25 2001 Nalin Dahyabhai 

- code in default user/group names/IDs

* Wed May 30 2001 Nalin Dahyabhai 

- update to 2.0.5
- change the default hostname from localhost to localhost.localdomain in the
  default configuration
- chuck configuration file settings other than those dependent on the host name
  (the build system's host name is not a good default)  (#32337)

* Tue Mar 13 2001 Nalin Dahyabhai 

- update to 2.0.3

* Tue Mar  6 2001 Nalin Dahyabhai 

- update to 2.0.2

* Wed Feb 21 2001 Nalin Dahyabhai 

- patch from Barry Warsaw (via mailman-developers) to not die on
  broken Content-Type: headers

* Tue Jan  9 2001 Nalin Dahyabhai 

- update to 2.0.1

* Wed Dec  6 2000 Nalin Dahyabhai 

- update to 2.0 final release
- move the data to /var

* Fri Oct 20 2000 Nalin Dahyabhai 

- update to beta 6

* Thu Aug  3 2000 Nalin Dahyabhai 

- add note about adding FollowSymlinks so that archives work

* Wed Aug  2 2000 Nalin Dahyabhai 

- make the default owner root again so that root owns the docs
- update to 2.0beta5, which fixes a possible security vulnerability
- add smrsh symlink

* Mon Jul 24 2000 Prospector 

- rebuilt

* Wed Jul 19 2000 Nalin Dahyabhai 

- update to beta4
- change uid/gid to apache.apache to match apache (#13593)
- properly recompile byte-compiled versions of the scripts (#13619)
- change mailman alias from root to postmaster

* Sat Jul  1 2000 Nalin Dahyabhai 

- update to beta3
- drop bugs and arch patches (integrated into beta3)

* Tue Jun 27 2000 Nalin Dahyabhai 

- move web files to reside under /var/www
- move files from /usr/share to /usr/share
- integrate spot-fixes from mailman lists via gnome.org

* Mon Jun 19 2000 Nalin Dahyabhai 

- rebuild for Power Tools

* Tue May 23 2000 Nalin Dahyabhai 

- Update to 2.0beta2 to pick up security fixes.
- Change equires python to list >= 1.5.2

* Mon Nov  8 1999 Bernhard Rosenkranzer 

- 1.1

* Tue Sep 14 1999 Preston Brown 

- 1.0 final.

* Tue Jun 15 1999 Preston Brown 

- security fix for cookies
- moved to /usr/share/mailman

* Fri May 28 1999 Preston Brown 

- fix up default values.

* Fri May  7 1999 Preston Brown 

- modifications to install scripts

* Thu May  6 1999 Preston Brown 

- initial RPM for SWS 3.0


---------------------------------------------------------------------This update can be downloaded from:
  
898fb9a008e82e26614d157bc6178244  SRPMS/mailman-2.1.5-10.fc2.src.rpm
69e2626ff50b3a1c71ef758a3724a5bb  x86_64/mailman-2.1.5-10.fc2.x86_64.rpm
9aa5111f6bd88033bebfc67d329b7679  x86_64/debug/mailman-debuginfo-2.1.5-10.fc2.x86_64.rpm
2bb2085fd024b45215d43d0c17dc05f4  i386/mailman-2.1.5-10.fc2.i386.rpm
088c601b4fd076b933128a398810f7b7  i386/debug/mailman-debuginfo-2.1.5-10.fc2.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------
-- 
John Dennis 


--fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list

Fedora Core 2 Update: mailman-2.1.5-10.fc2

March 22, 2005

A cross-site scripting (XSS) flaw in the driver script of mailman prior to version 2.1.5 could allow remote attackers to execute scripts as other web users

Summary

Mailman is software to help manage email discussion lists, much like

Majordomo and Smartmail. Unlike most similar products, Mailman gives

each mailing list a webpage, and allows users to subscribe,

unsubscribe, etc. over the Web. Even the list manager can administer

his or her list entirely from the Web. Mailman also integrates most

things people want to do with mailing lists, including archiving, mail

<-> news gateways, and so on.

Documentation can be found in: /usr/share/doc/mailman-2.1.5

When the package has finished installing, you will need to perform some

additional installation steps, these are described in:

/usr/share/doc/mailman-2.1.5/INSTALL.REDHAT

A cross-site scripting (XSS) flaw in the driver script of mailman

prior to version 2.1.5 could allow remote attackers to execute scripts

as other web users. The Common Vulnerabilities and Exposures project

(cve.mitre.org) has assigned the name CAN-2004-1177 to this issue.

Users of mailman should update to this erratum package, which corrects

this issue by turning on STEALTH_MODE by default and using

Utils.websafe() to quote the html.

- fix bug #147833, CAN-2004-1177

* Mon Feb 14 2005 John Dennis - 3:2.1.5-9.fc2

- fix bug #147856, moderator -1 admin requests pending

* Tue Feb 8 2005 John Dennis - 3:2.1.5-8.fc2

- fix security vulnerability CAN-2005-0202, errata RHSA-2005:136, bug #147343

* Wed Jun 9 2004 John Dennis - 3:2.1.5-6

- fix bug in pre scriplet, last command had been "service mailman stop"

- bump rev for rebuild

which should have been harmless if mailman was not installed except

that it left the exit status from the script as non-zero and rpm

aborted the install.

* Wed Jun 9 2004 John Dennis - 3:2.1.5-5

- add status reporting to init.d control script

stop mailman during an installation

restart mailman if it had been running prior to installation

* Mon Jun 7 2004 John Dennis - 3:2.1.5-4

- back python prereq down to 2.2, should be sufficient

* Thu May 20 2004 John Dennis 3:2.1.5-3

- make python prereq be at least 2.3

* Tue May 18 2004 Jeremy Katz 3:2.1.5-2

- rebuild

* Mon May 17 2004 John Dennis 3:2.1.5-1

- bring up to latest 2.1.5 upstream release

From Barry Warsaw: Mailman 2.1.5, a bug fix release that also

contains new support for the Turkish language, and a few minor new

features. Mailman 2.1.5 is a significant upgrade which should

improve disk i/o performance, administrative overhead for discarding

held spams, and the behavior of bouncing member disables. This

version also contains a fix for an exploit that could allow 3rd

parties to retrieve member passwords. It is thus highly recommended

that all existing sitesupgrade to the latest version

* Tue May 4 2004 Warren Togami 3:2.1.4-4

- #105638 fix bytecompile and rpm -V

- postun /etc/postfix/aliases fix

- clean uninstall (no more empty dirs)

- #115378 RedirectMatch syntax fix

* Fri Feb 13 2004 Elliot Lee

- rebuilt

* Fri Jan 9 2004 John Dennis 3:2.1.4-1

- upgrade to new upstream release 2.1.4

- fixes bugs 106349,112851,105367,91463

* Wed Jun 4 2003 Elliot Lee

- rebuilt

* Wed May 7 2003 John Dennis

- bring up to next upstream release 2.1.2

* Sun May 4 2003 Florian La Roche

- fix typo in post script: mmusr -> mmuser

* Thu Apr 24 2003 John Dennis

- fix bug 72004, 74483, 74484, 87856 - improper log rotation

- fix bug 88083 - mailman user/group needed to exist during build

- fix bug 88144 - wrong %file attributes on mm_cfg.py

- fix bug 89221 - mailman user not created on install

- fix bug 89250 - wrong pid file name in initscript

* Wed Mar 5 2003 Florian La Roche

- change to /etc/rc.d/init.d as in all other rpms

* Thu Feb 20 2003 John Dennis

- change mailman login shell from /bin/false to /sbin/nologin

* Fri Feb 14 2003 John Dennis

- bring package up to 2.1.1 release, add /usr/share/doc files

* Sat Feb 1 2003 Florian La Roche

- make the icon dir owned by root:root as in other rpms

* Fri Jan 31 2003 John Dennis

- various small tweaks to the spec file to make installation cleaner

- use /usr/bin/python when compiling, redirect compile output to /dev/null,

- don't run update in %post, let the user do it, remove the .pyc files in %postun,

- add setting of MAILHOST and URLHOST to localhost.localdomain, don't let

- configure set them to the build machine.

* Mon Jan 27 2003 John Dennis

- add the cross site scripting (xss) security patch to version 2.1

* Fri Jan 24 2003 John Dennis

- do not start mailman service in %post

* Wed Jan 22 2003 Tim Powers

- rebuilt

* Mon Jan 20 2003 John Dennis

- 1) remove config patch, mailmanctl was not the right file to install in init.d,

- it needed to be scripts/mailman

- 2) rename httpd-mailman.conf to mailman.conf, since the file now lives

- in httpd/conf.d directory the http prefix is redundant and inconsistent

- with the other file names in that directory.

* Tue Jan 7 2003 John Dennis

- Bring package up to date with current upstream source, 2.1

- Fix several install/packaging problems that were in upstream source

- Add multiple mail group functionality

- Fix syntax error in fblast.py

- Remove the forced setting of mail host and url host in mm_cfg.py

* Tue Nov 12 2002 Tim Powers 2.0.13-4

- remove files from $$RPM_BUILD_ROOT that we don't intent to ship

* Wed Aug 14 2002 Nalin Dahyabhai 2.0.13-3

- set MAILHOST and WWWHOST in case the configure script can't figure out the

local host name

* Fri Aug 2 2002 Nalin Dahyabhai 2.0.13-2

- rebuild

* Fri Aug 2 2002 Nalin Dahyabhai 2.0.13-1

- specify log files individually, per faq wizard

- update to 2.0.13

* Wed May 22 2002 Nalin Dahyabhai 2.0.11-1

- update to 2.0.11

* Fri Apr 5 2002 Nalin Dahyabhai 2.0.9-1

- include README.QMAIL in with the docs (#58887)

- include README.SENDMAIL and README.EXIM in with the docs

- use an included httpd.conf file instead of listing the configuration

directives in the %description, which due to specspo magic might look

wrong sometimes (part of #51324)

- interpolate the DEFAULT_HOST_NAME value in mm.cfg into both the DEFAULT_URL

and MAILMAN_OWNER (#57987)

- move logs to /var/log/mailman, qfiles to /var/spool/mailman, rotate

logs in the log directory (#48724)

- raise exceptions when someone tries to set the admin address for a list

to that of the admin alias (#61468)

* Thu Apr 4 2002 Nalin Dahyabhai

- fix a default permissions problem in /var/mailman/archives/private,

reported by Johannes Erdfelt

- update to 2.0.9

* Tue Apr 2 2002 Nalin Dahyabhai

- make the symlink in /etc/smrsh relative

* Tue Dec 11 2001 Nalin Dahyabhai 2.0.8-1

- set FQDN and URL at build-time so that they won't be set to the host the

RPM package is built on (#59177)

* Wed Nov 28 2001 Nalin Dahyabhai

- update to 2.0.8

* Sat Nov 17 2001 Florian La Roche 2.0.7-1

- update to 2.0.7

* Wed Jul 25 2001 Nalin Dahyabhai 2.0.6-1

- update to 2.0.6

* Mon Jun 25 2001 Nalin Dahyabhai

- code in default user/group names/IDs

* Wed May 30 2001 Nalin Dahyabhai

- update to 2.0.5

- change the default hostname from localhost to localhost.localdomain in the

default configuration

- chuck configuration file settings other than those dependent on the host name

(the build system's host name is not a good default) (#32337)

* Tue Mar 13 2001 Nalin Dahyabhai

- update to 2.0.3

* Tue Mar 6 2001 Nalin Dahyabhai

- update to 2.0.2

* Wed Feb 21 2001 Nalin Dahyabhai

- patch from Barry Warsaw (via mailman-developers) to not die on

broken Content-Type: headers

* Tue Jan 9 2001 Nalin Dahyabhai

- update to 2.0.1

* Wed Dec 6 2000 Nalin Dahyabhai

- update to 2.0 final release

- move the data to /var

* Fri Oct 20 2000 Nalin Dahyabhai

- update to beta 6

* Thu Aug 3 2000 Nalin Dahyabhai

- add note about adding FollowSymlinks so that archives work

* Wed Aug 2 2000 Nalin Dahyabhai

- make the default owner root again so that root owns the docs

- update to 2.0beta5, which fixes a possible security vulnerability

- add smrsh symlink

* Mon Jul 24 2000 Prospector

- rebuilt

* Wed Jul 19 2000 Nalin Dahyabhai

- update to beta4

- change uid/gid to apache.apache to match apache (#13593)

- properly recompile byte-compiled versions of the scripts (#13619)

- change mailman alias from root to postmaster

* Sat Jul 1 2000 Nalin Dahyabhai

- update to beta3

- drop bugs and arch patches (integrated into beta3)

* Tue Jun 27 2000 Nalin Dahyabhai

- move web files to reside under /var/www

- move files from /usr/share to /usr/share

- integrate spot-fixes from mailman lists via gnome.org

* Mon Jun 19 2000 Nalin Dahyabhai

- rebuild for Power Tools

* Tue May 23 2000 Nalin Dahyabhai

- Update to 2.0beta2 to pick up security fixes.

- Change equires python to list >= 1.5.2

* Mon Nov 8 1999 Bernhard Rosenkranzer

- 1.1

* Tue Sep 14 1999 Preston Brown

- 1.0 final.

* Tue Jun 15 1999 Preston Brown

- security fix for cookies

- moved to /usr/share/mailman

* Fri May 28 1999 Preston Brown

- fix up default values.

* Fri May 7 1999 Preston Brown

- modifications to install scripts

* Thu May 6 1999 Preston Brown

- initial RPM for SWS 3.0

898fb9a008e82e26614d157bc6178244 SRPMS/mailman-2.1.5-10.fc2.src.rpm

69e2626ff50b3a1c71ef758a3724a5bb x86_64/mailman-2.1.5-10.fc2.x86_64.rpm

9aa5111f6bd88033bebfc67d329b7679 x86_64/debug/mailman-debuginfo-2.1.5-10.fc2.x86_64.rpm

2bb2085fd024b45215d43d0c17dc05f4 i386/mailman-2.1.5-10.fc2.i386.rpm

088c601b4fd076b933128a398810f7b7 i386/debug/mailman-debuginfo-2.1.5-10.fc2.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

John Dennis

--fedora-announce-list mailing list

fedora-announce-list@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-announce-list

FEDORA-2005-241 2005-03-22 Name : mailman Version : 2.1.5 Release : 10.fc2 Summary : Mailing list manager with built in Web access. Description : Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing list a webpage, and allows users to subscribe, unsubscribe, etc. over the Web. Even the list manager can administer his or her list entirely from the Web. Mailman also integrates most things people want to do with mailing lists, including archiving, mail <-> news gateways, and so on. Documentation can be found in: /usr/share/doc/mailman-2.1.5 When the package has finished installing, you will need to perform some additional installation steps, these are described in: /usr/share/doc/mailman-2.1.5/INSTALL.REDHAT A cross-site scripting (XSS) flaw in the driver script of mailman prior to version 2.1.5 could allow remote attackers to execute scripts as other web users. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1177 to this issue. Users of mailman should update to this erratum package, which corrects this issue by turning on STEALTH_MODE by default and using Utils.websafe() to quote the html. - fix bug #147833, CAN-2004-1177 * Mon Feb 14 2005 John Dennis - 3:2.1.5-9.fc2 - fix bug #147856, moderator -1 admin requests pending * Tue Feb 8 2005 John Dennis - 3:2.1.5-8.fc2 - fix security vulnerability CAN-2005-0202, errata RHSA-2005:136, bug #147343 * Wed Jun 9 2004 John Dennis - 3:2.1.5-6 - fix bug in pre scriplet, last command had been "service mailman stop" - bump rev for rebuild which should have been harmless if mailman was not installed except that it left the exit status from the script as non-zero and rpm aborted the install. * Wed Jun 9 2004 John Dennis - 3:2.1.5-5 - add status reporting to init.d control script stop mailman during an installation restart mailman if it had been running prior to installation * Mon Jun 7 2004 John Dennis - 3:2.1.5-4 - back python prereq down to 2.2, should be sufficient * Thu May 20 2004 John Dennis 3:2.1.5-3 - make python prereq be at least 2.3 * Tue May 18 2004 Jeremy Katz 3:2.1.5-2 - rebuild * Mon May 17 2004 John Dennis 3:2.1.5-1 - bring up to latest 2.1.5 upstream release From Barry Warsaw: Mailman 2.1.5, a bug fix release that also contains new support for the Turkish language, and a few minor new features. Mailman 2.1.5 is a significant upgrade which should improve disk i/o performance, administrative overhead for discarding held spams, and the behavior of bouncing member disables. This version also contains a fix for an exploit that could allow 3rd parties to retrieve member passwords. It is thus highly recommended that all existing sitesupgrade to the latest version * Tue May 4 2004 Warren Togami 3:2.1.4-4 - #105638 fix bytecompile and rpm -V - postun /etc/postfix/aliases fix - clean uninstall (no more empty dirs) - #115378 RedirectMatch syntax fix * Fri Feb 13 2004 Elliot Lee - rebuilt * Fri Jan 9 2004 John Dennis 3:2.1.4-1 - upgrade to new upstream release 2.1.4 - fixes bugs 106349,112851,105367,91463 * Wed Jun 4 2003 Elliot Lee - rebuilt * Wed May 7 2003 John Dennis - bring up to next upstream release 2.1.2 * Sun May 4 2003 Florian La Roche - fix typo in post script: mmusr -> mmuser * Thu Apr 24 2003 John Dennis - fix bug 72004, 74483, 74484, 87856 - improper log rotation - fix bug 88083 - mailman user/group needed to exist during build - fix bug 88144 - wrong %file attributes on mm_cfg.py - fix bug 89221 - mailman user not created on install - fix bug 89250 - wrong pid file name in initscript * Wed Mar 5 2003 Florian La Roche - change to /etc/rc.d/init.d as in all other rpms * Thu Feb 20 2003 John Dennis - change mailman login shell from /bin/false to /sbin/nologin * Fri Feb 14 2003 John Dennis - bring package up to 2.1.1 release, add /usr/share/doc files * Sat Feb 1 2003 Florian La Roche - make the icon dir owned by root:root as in other rpms * Fri Jan 31 2003 John Dennis - various small tweaks to the spec file to make installation cleaner - use /usr/bin/python when compiling, redirect compile output to /dev/null, - don't run update in %post, let the user do it, remove the .pyc files in %postun, - add setting of MAILHOST and URLHOST to localhost.localdomain, don't let - configure set them to the build machine. * Mon Jan 27 2003 John Dennis - add the cross site scripting (xss) security patch to version 2.1 * Fri Jan 24 2003 John Dennis - do not start mailman service in %post * Wed Jan 22 2003 Tim Powers - rebuilt * Mon Jan 20 2003 John Dennis - 1) remove config patch, mailmanctl was not the right file to install in init.d, - it needed to be scripts/mailman - 2) rename httpd-mailman.conf to mailman.conf, since the file now lives - in httpd/conf.d directory the http prefix is redundant and inconsistent - with the other file names in that directory. * Tue Jan 7 2003 John Dennis - Bring package up to date with current upstream source, 2.1 - Fix several install/packaging problems that were in upstream source - Add multiple mail group functionality - Fix syntax error in fblast.py - Remove the forced setting of mail host and url host in mm_cfg.py * Tue Nov 12 2002 Tim Powers 2.0.13-4 - remove files from $$RPM_BUILD_ROOT that we don't intent to ship * Wed Aug 14 2002 Nalin Dahyabhai 2.0.13-3 - set MAILHOST and WWWHOST in case the configure script can't figure out the local host name * Fri Aug 2 2002 Nalin Dahyabhai 2.0.13-2 - rebuild * Fri Aug 2 2002 Nalin Dahyabhai 2.0.13-1 - specify log files individually, per faq wizard - update to 2.0.13 * Wed May 22 2002 Nalin Dahyabhai 2.0.11-1 - update to 2.0.11 * Fri Apr 5 2002 Nalin Dahyabhai 2.0.9-1 - include README.QMAIL in with the docs (#58887) - include README.SENDMAIL and README.EXIM in with the docs - use an included httpd.conf file instead of listing the configuration directives in the %description, which due to specspo magic might look wrong sometimes (part of #51324) - interpolate the DEFAULT_HOST_NAME value in mm.cfg into both the DEFAULT_URL and MAILMAN_OWNER (#57987) - move logs to /var/log/mailman, qfiles to /var/spool/mailman, rotate logs in the log directory (#48724) - raise exceptions when someone tries to set the admin address for a list to that of the admin alias (#61468) * Thu Apr 4 2002 Nalin Dahyabhai - fix a default permissions problem in /var/mailman/archives/private, reported by Johannes Erdfelt - update to 2.0.9 * Tue Apr 2 2002 Nalin Dahyabhai - make the symlink in /etc/smrsh relative * Tue Dec 11 2001 Nalin Dahyabhai 2.0.8-1 - set FQDN and URL at build-time so that they won't be set to the host the RPM package is built on (#59177) * Wed Nov 28 2001 Nalin Dahyabhai - update to 2.0.8 * Sat Nov 17 2001 Florian La Roche 2.0.7-1 - update to 2.0.7 * Wed Jul 25 2001 Nalin Dahyabhai 2.0.6-1 - update to 2.0.6 * Mon Jun 25 2001 Nalin Dahyabhai - code in default user/group names/IDs * Wed May 30 2001 Nalin Dahyabhai - update to 2.0.5 - change the default hostname from localhost to localhost.localdomain in the default configuration - chuck configuration file settings other than those dependent on the host name (the build system's host name is not a good default) (#32337) * Tue Mar 13 2001 Nalin Dahyabhai - update to 2.0.3 * Tue Mar 6 2001 Nalin Dahyabhai - update to 2.0.2 * Wed Feb 21 2001 Nalin Dahyabhai - patch from Barry Warsaw (via mailman-developers) to not die on broken Content-Type: headers * Tue Jan 9 2001 Nalin Dahyabhai - update to 2.0.1 * Wed Dec 6 2000 Nalin Dahyabhai - update to 2.0 final release - move the data to /var * Fri Oct 20 2000 Nalin Dahyabhai - update to beta 6 * Thu Aug 3 2000 Nalin Dahyabhai - add note about adding FollowSymlinks so that archives work * Wed Aug 2 2000 Nalin Dahyabhai - make the default owner root again so that root owns the docs - update to 2.0beta5, which fixes a possible security vulnerability - add smrsh symlink * Mon Jul 24 2000 Prospector - rebuilt * Wed Jul 19 2000 Nalin Dahyabhai - update to beta4 - change uid/gid to apache.apache to match apache (#13593) - properly recompile byte-compiled versions of the scripts (#13619) - change mailman alias from root to postmaster * Sat Jul 1 2000 Nalin Dahyabhai - update to beta3 - drop bugs and arch patches (integrated into beta3) * Tue Jun 27 2000 Nalin Dahyabhai - move web files to reside under /var/www - move files from /usr/share to /usr/share - integrate spot-fixes from mailman lists via gnome.org * Mon Jun 19 2000 Nalin Dahyabhai - rebuild for Power Tools * Tue May 23 2000 Nalin Dahyabhai - Update to 2.0beta2 to pick up security fixes. - Change equires python to list >= 1.5.2 * Mon Nov 8 1999 Bernhard Rosenkranzer - 1.1 * Tue Sep 14 1999 Preston Brown - 1.0 final. * Tue Jun 15 1999 Preston Brown - security fix for cookies - moved to /usr/share/mailman * Fri May 28 1999 Preston Brown - fix up default values. * Fri May 7 1999 Preston Brown - modifications to install scripts * Thu May 6 1999 Preston Brown - initial RPM for SWS 3.0 898fb9a008e82e26614d157bc6178244 SRPMS/mailman-2.1.5-10.fc2.src.rpm 69e2626ff50b3a1c71ef758a3724a5bb x86_64/mailman-2.1.5-10.fc2.x86_64.rpm 9aa5111f6bd88033bebfc67d329b7679 x86_64/debug/mailman-debuginfo-2.1.5-10.fc2.x86_64.rpm 2bb2085fd024b45215d43d0c17dc05f4 i386/mailman-2.1.5-10.fc2.i386.rpm 088c601b4fd076b933128a398810f7b7 i386/debug/mailman-debuginfo-2.1.5-10.fc2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. -- John Dennis --fedora-announce-list mailing list fedora-announce-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-announce-list