------------------------------------------------------------
revno: 1027
tags: 2.1.10b1
committer: Mark Sapiro <[EMAIL PROTECTED]>
branch nick: 2.1
timestamp: Tue 2007-12-04 11:52:18 -0800
message:
Mailman/Cgi/edithtml.py
Mailman/Gui/General.py
Mailman/Utils.py - Better detection of potentially evil HTML in GUI.
Mailman/Version.py
NEWS - Updates for 2.1.10b1 release.
Mailman/Gui/General.py
messages/mailman.pot - Added admin_member_chunksize to Gui. Two new
associated messages.
modified:
Mailman/Cgi/edithtml.py
Mailman/Gui/General.py
Mailman/Utils.py
Mailman/Version.py
NEWS
messages/mailman.pot
=== modified file 'Mailman/Cgi/edithtml.py'
--- a/Mailman/Cgi/edithtml.py 2006-08-30 14:54:22 +0000
+++ b/Mailman/Cgi/edithtml.py 2007-12-04 19:52:18 +0000
@@ -1,4 +1,4 @@
-# Copyright (C) 1998-2006 by the Free Software Foundation, Inc.
+# Copyright (C) 1998-2007 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -159,7 +159,20 @@
doc.AddItem('<hr>')
return
code = cgi_info['html_code'].value
- code = re.sub(r'<([/]?script.*?)>', r'<\1>', code)
+ if Utils.suspiciousHTML(code):
+ doc.AddItem(Header(3,
+ _("""The page you saved contains suspicious HTML that could
+potentially expose your users to cross-site scripting attacks. This change
+has therefore been rejected. If you still want to make these changes, you
+must have shell access to your Mailman server.
+ """)))
+ doc.AddItem(_('See '))
+ doc.AddItem(Link(
+'http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq04.048.htp',
+ _('FAQ 4.48.')))
+ doc.AddItem(Header(3,_("Page Unchanged.")))
+ doc.AddItem('<hr>')
+ return
langdir = os.path.join(mlist.fullpath(), mlist.preferred_language)
# Make sure the directory exists
omask = os.umask(0)
=== modified file 'Mailman/Gui/General.py'
--- a/Mailman/Gui/General.py 2006-08-30 14:54:22 +0000
+++ b/Mailman/Gui/General.py 2007-12-04 19:52:18 +0000
@@ -1,4 +1,4 @@
-# Copyright (C) 2001-2006 by the Free Software Foundation, Inc.
+# Copyright (C) 2001-2007 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -19,6 +19,8 @@
import re
+from types import IntType
+
from Mailman import mm_cfg
from Mailman import Utils
from Mailman import Errors
@@ -358,6 +360,10 @@
_('''Maximum length in kilobytes (KB) of a message body. Use 0
for no limit.''')),
+ ('admin_member_chunksize', mm_cfg.Number, 7, 0,
+ _('''Maximum number of members to show on one page of the
+ Membership List.''')),
+
('host_name', mm_cfg.Host, WIDTH, 0,
_('Host name this list prefers for email.'),
@@ -436,17 +442,25 @@
# Convert any html entities to Unicode
mlist.subject_prefix = Utils.canonstr(
val, mlist.preferred_language)
+ elif property == 'info':
+ if val <> mlist.info:
+ if Utils.suspiciousHTML(val):
+ doc.addError(_("""The <b>info</b> attribute you saved
+contains suspicious HTML that could potentially expose your users to cross-site
+scripting attacks. This change has therefore been rejected. If you still want
+to make these changes, you must have shell access to your Mailman server.
+This change can be made with bin/withlist or with bin/config_list by setting
+mlist.info.
+ """))
+ else:
+ mlist.info = val
+ elif property == 'admin_member_chunksize' and (val < 1
+ or not isinstance(val, IntType)):
+ doc.addError(_("""<b>admin_member_chunksize</b> attribute not
+ changed! It must be an integer > 0."""))
else:
GUIBase._setValue(self, mlist, property, val, doc)
- def _escape(self, property, value):
- # The 'info' property allows HTML, but let's sanitize it to avoid XSS
- # exploits. Everything else should be fully escaped.
- if property <> 'info':
- return GUIBase._escape(self, property, value)
- # Sanitize <script> and </script> tags but nothing else. Not the best
- # solution, but expedient.
- return re.sub(r'(?i)<([/]?script.*?)>', r'<\1>', value)
def _postValidate(self, mlist, doc):
if not mlist.reply_to_address.strip() and \
=== modified file 'Mailman/Utils.py'
--- a/Mailman/Utils.py 2007-11-25 08:04:30 +0000
+++ b/Mailman/Utils.py 2007-12-04 19:52:18 +0000
@@ -876,3 +876,154 @@
except (LookupError, UnicodeError, ValueError, HeaderParseError):
# possibly charset problem. return with undecoded string in one line.
return EMPTYSTRING.join(s.splitlines())
+
+
+# Patterns and functions to flag possible XSS attacks in HTML.
+# This list is compiled from information at http://ha.ckers.org/xss.html,
+# http://www.quirksmode.org/js/events_compinfo.html,
+# http://www.htmlref.com/reference/appa/events1.htm,
+# http://lxr.mozilla.org/mozilla/source/content/events/src/nsDOMEvent.cpp#59,
+# http://www.w3.org/TR/DOM-Level-2-Events/events.html and
+# http://www.xulplanet.com/references/elemref/ref_EventHandlers.html
+# Many thanks are due to Moritz Naumann for his assistance with this.
+_badwords = [
+ '<i?frame',
+ '<link',
+ '<meta',
+ '<script',
+ r'(?:^|\W)j(?:ava)?script(?:\W|$)',
+ r'(?:^|\W)vbs(?:cript)?(?:\W|$)',
+ r'(?:^|\W)domactivate(?:\W|$)',
+ r'(?:^|\W)domattrmodified(?:\W|$)',
+ r'(?:^|\W)domcharacterdatamodified(?:\W|$)',
+ r'(?:^|\W)domfocus(?:in|out)(?:\W|$)',
+ r'(?:^|\W)dommenuitem(?:in)?active(?:\W|$)',
+ r'(?:^|\W)dommousescroll(?:\W|$)',
+ r'(?:^|\W)domnodeinserted(?:intodocument)?(?:\W|$)',
+ r'(?:^|\W)domnoderemoved(?:fromdocument)?(?:\W|$)',
+ r'(?:^|\W)domsubtreemodified(?:\W|$)',
+ r'(?:^|\W)fscommand(?:\W|$)',
+ r'(?:^|\W)onabort(?:\W|$)',
+ r'(?:^|\W)on(?:de)?activate(?:\W|$)',
+ r'(?:^|\W)on(?:after|before)print(?:\W|$)',
+ r'(?:^|\W)on(?:after|before)update(?:\W|$)',
+ r'(?:^|\W)onbefore(?:(?:de)?activate|copy|cut|editfocus|paste)(?:\W|$)',
+ r'(?:^|\W)onbeforeunload(?:\W|$)',
+ r'(?:^|\W)onbegin(?:\W|$)',
+ r'(?:^|\W)onblur(?:\W|$)',
+ r'(?:^|\W)onbounce(?:\W|$)',
+ r'(?:^|\W)onbroadcast(?:\W|$)',
+ r'(?:^|\W)on(?:cell)?change(?:\W|$)',
+ r'(?:^|\W)oncheckboxstatechange(?:\W|$)',
+ r'(?:^|\W)on(?:dbl)?click(?:\W|$)',
+ r'(?:^|\W)onclose(?:\W|$)',
+ r'(?:^|\W)oncommand(?:update)?(?:\W|$)',
+ r'(?:^|\W)oncomposition(?:end|start)(?:\W|$)',
+ r'(?:^|\W)oncontextmenu(?:\W|$)',
+ r'(?:^|\W)oncontrolselect(?:\W|$)',
+ r'(?:^|\W)oncopy(?:\W|$)',
+ r'(?:^|\W)oncut(?:\W|$)',
+ r'(?:^|\W)ondataavailable(?:\W|$)',
+ r'(?:^|\W)ondataset(?:changed|complete)(?:\W|$)',
+ r'(?:^|\W)ondrag(?:drop|end|enter|exit|gesture|leave|over)?(?:\W|$)',
+ r'(?:^|\W)ondragstart(?:\W|$)',
+ r'(?:^|\W)ondrop(?:\W|$)',
+ r'(?:^|\W)onend(?:\W|$)',
+ r'(?:^|\W)onerror(?:update)?(?:\W|$)',
+ r'(?:^|\W)onfilterchange(?:\W|$)',
+ r'(?:^|\W)onfinish(?:\W|$)',
+ r'(?:^|\W)onfocus(?:in|out)?(?:\W|$)',
+ r'(?:^|\W)onhelp(?:\W|$)',
+ r'(?:^|\W)oninput(?:\W|$)',
+ r'(?:^|\W)onkey(?:up|down|press)(?:\W|$)',
+ r'(?:^|\W)onlayoutcomplete(?:\W|$)',
+ r'(?:^|\W)on(?:un)?load(?:\W|$)',
+ r'(?:^|\W)onlosecapture(?:\W|$)',
+ r'(?:^|\W)onmedia(?:complete|error)(?:\W|$)',
+ r'(?:^|\W)onmouse(?:down|enter|leave|move|out|over|up|wheel)(?:\W|$)',
+ r'(?:^|\W)onmove(?:end|start)?(?:\W|$)',
+ r'(?:^|\W)on(?:off|on)line(?:\W|$)',
+ r'(?:^|\W)onoutofsync(?:\W|$)',
+ r'(?:^|\W)onoverflow(?:changed)?(?:\W|$)',
+ r'(?:^|\W)onpage(?:hide|show)(?:\W|$)',
+ r'(?:^|\W)onpaint(?:\W|$)',
+ r'(?:^|\W)onpaste(?:\W|$)',
+ r'(?:^|\W)onpause(?:\W|$)',
+ r'(?:^|\W)onpopup(?:hidden|hiding|showing|shown)(?:\W|$)',
+ r'(?:^|\W)onprogress(?:\W|$)',
+ r'(?:^|\W)onpropertychange(?:\W|$)',
+ r'(?:^|\W)onradiostatechange(?:\W|$)',
+ r'(?:^|\W)onreadystatechange(?:\W|$)',
+ r'(?:^|\W)onrepeat(?:\W|$)',
+ r'(?:^|\W)onreset(?:\W|$)',
+ r'(?:^|\W)onresize(?:end|start)?(?:\W|$)',
+ r'(?:^|\W)onresume(?:\W|$)',
+ r'(?:^|\W)onreverse(?:\W|$)',
+ r'(?:^|\W)onrow(?:delete|enter|exit|inserted)(?:\W|$)',
+ r'(?:^|\W)onrows(?:delete|enter|inserted)(?:\W|$)',
+ r'(?:^|\W)onscroll(?:\W|$)',
+ r'(?:^|\W)onseek(?:\W|$)',
+ r'(?:^|\W)onselect(?:start)?(?:\W|$)',
+ r'(?:^|\W)onselectionchange(?:\W|$)',
+ r'(?:^|\W)onstart(?:\W|$)',
+ r'(?:^|\W)onstop(?:\W|$)',
+ r'(?:^|\W)onsubmit(?:\W|$)',
+ r'(?:^|\W)onsync(?:from|to)preference(?:\W|$)',
+ r'(?:^|\W)onsyncrestored(?:\W|$)',
+ r'(?:^|\W)ontext(?:\W|$)',
+ r'(?:^|\W)ontimeerror(?:\W|$)',
+ r'(?:^|\W)ontrackchange(?:\W|$)',
+ r'(?:^|\W)onunderflow(?:\W|$)',
+ r'(?:^|\W)onurlflip(?:\W|$)',
+ r'(?:^|\W)seeksegmenttime(?:\W|$)',
+ r'(?:^|\W)svgabort(?:\W|$)',
+ r'(?:^|\W)svgerror(?:\W|$)',
+ r'(?:^|\W)svgload(?:\W|$)',
+ r'(?:^|\W)svgresize(?:\W|$)',
+ r'(?:^|\W)svgscroll(?:\W|$)',
+ r'(?:^|\W)svgunload(?:\W|$)',
+ r'(?:^|\W)svgzoom(?:\W|$)',
+ ]
+
+
+# This is the actual re to look for the above patterns
+_badhtml = re.compile('|'.join(_badwords), re.IGNORECASE)
+# This is used to filter non-printable us-ascii characters, some of which
+# can be used to break words to avoid recognition.
+_filterchars = re.compile('[\000-\011\013\014\016-\037\177-\237]')
+# This is used to recognize '&#' and '%xx' strings for _translate which
+# translates them to characters
+_encodedchars = re.compile('(&#[0-9]+;?)|(&#x[0-9a-f]+;?)|(%[0-9a-f]{2})',
+ re.IGNORECASE)
+
+
+def _translate(mo):
+ """Translate &#... and %xx encodings into the encoded character."""
+ match = mo.group().lower().strip('&#;')
+ try:
+ if match.startswith('x') or match.startswith('%'):
+ val = int(match[1:], 16)
+ else:
+ val = int(match, 10)
+ except ValueError:
+ return ''
+ if val < 256:
+ return chr(val)
+ else:
+ return ''
+
+
+def suspiciousHTML(html):
+ """Check HTML string for various tags, script language names and
+ 'onxxx' actions that can be used in XSS attacks.
+ Currently, this a very simple minded test. It just looks for
+ patterns without analyzing context. Thus, it potentially flags lots
+ of benign stuff.
+ Returns True if anything suspicious found, False otherwise.
+ """
+
+ if _badhtml.search(_filterchars.sub(
+ '', _encodedchars.sub(_translate, html))):
+ return True
+ else:
+ return False
=== modified file 'Mailman/Version.py'
--- a/Mailman/Version.py 2007-11-25 07:08:04 +0000
+++ b/Mailman/Version.py 2007-12-04 19:52:18 +0000
@@ -16,7 +16,7 @@
# USA.
# Mailman version
-VERSION = "2.1.10a0"
+VERSION = "2.1.10b1"
# And as a hex number in the manner of PY_VERSION_HEX
ALPHA = 0xa
@@ -29,9 +29,9 @@
MAJOR_REV = 2
MINOR_REV = 1
MICRO_REV = 10
-REL_LEVEL = ALPHA
+REL_LEVEL = BETA
# at most 15 beta releases!
-REL_SERIAL = 0
+REL_SERIAL = 1
HEX_VERSION = ((MAJOR_REV << 24) | (MINOR_REV << 16) | (MICRO_REV << 8) |
(REL_LEVEL << 4) | (REL_SERIAL << 0))
=== modified file 'NEWS'
--- a/NEWS 2007-11-25 19:15:15 +0000
+++ b/NEWS 2007-12-04 19:52:18 +0000
@@ -4,7 +4,43 @@
Here is a history of user visible changes to Mailman.
-2.1.10b0 (XX-Nov-2007)
+2.1.10b1 (04-Dec-2007)
+
+ Security
+
+ - The 2.1.9 fixes for CVE-2006-3636 have been enhanced. In particular,
+ many potential cross-site scripting attacks have are now detected in
+ editing templates and updating the list's info attribute via the web
+ admin interface. Thanks again to Moritz Naumann for assistance with
+ this.
+
+ New Features
+
+ - Changed cmd_who.py to list all members if authorization is with the
+ list's admin or moderator password and to accept the password if the
+ roster is public. Also changed the web roster to show hidden members
+ when authorization is by site or list's admin or moderator password
+ (1587651).
+
+ - Added the ability to put a list name in accept_these_nonmembers
+ to accept posts from members of that list (1220144).
+
+ - Added a new 'sibling list' feature to exclude members of another list
+ from receiving a post from this list if the other list is in the To: or
+ Cc: of the post or to include members of the other list if that list is
+ not in the To: or Cc: of the post (Patch ID 1347962).
+
+ - Added the admin_member_chunksize attribute to the admin General Options
+ interface (Bug 1072002, Partial RFE 782436).
+
+Internationalization
+
+ - Added the Hebrew translation from Dov Zamir. This includes addition of
+ a direction ('ltr', 'rtl') to the LC_DESCRIPTIONS table. The
+ add_language() function defaults direction to 'ltr' to not break
+ existing mm_cfg.py files.
+
+ - Added the Slovak translation from Martin Matuska.
Bug fixes and other patches
@@ -61,12 +97,6 @@
- Fixed admin.py so null VARHELP category is handled (1573393).
- - Changed cmd_who.py to list all members if authorization is with the
- list's admin or moderator password and to accept the password if the
- roster is public. Also changed the web roster to show hidden members
- when authorization is by site or list's admin or moderator password
- (1587651).
-
- Fixed OldStyleMemberships.py to preserve delivery statuses BYADMIN
and BYUSER on a straight change of address (1642388). Also fixed a
bug that could result in a member key with uppercase in the domain.
@@ -102,24 +132,14 @@
wasn't always found in quoted-printable encoded parts and was never
found in base64 encoded parts. This is now fixed.
- - Added the Hebrew translation from Dov Zamir. This includes addition of
- a direction ('ltr', 'rtl') to the LC_DESCRIPTIONS table. The
- add_language() function defaults direction to 'ltr' to not break
- existing mm_cfg.py files.
-
- - Added the ability to put a list name in accept_these_nonmembers
- to accept posts from members of that list (1220144).
-
- Fixed a mail loop if a list owner puts the list's -bounces or -admin
address in the list's owner attribute (1834569).
- Fixed the mailto: link in archived messages to prefix the subject with
Re: and to put the correct message-id in In-Reply-To (1621278, 1834281).
- - Added a new 'sibling list' feature to exclude members of another list
- from receiving a post from this list if the other list is in the To: or
- Cc: of the post or to include members of the other list if that list is
- not in the To: or Cc: of the post (Patch ID 1347962).
+ - Coerced list name arguments to lower case in the change_pw, inject,
+ list_admins and list_owners command line tools (patch 1842412).
2.1.9 (12-Sep-2006)
=== modified file 'messages/mailman.pot'
--- a/messages/mailman.pot 2007-11-27 04:05:42 +0000
+++ b/messages/mailman.pot 2007-12-04 19:52:18 +0000
@@ -5,7 +5,7 @@
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
-"POT-Creation-Date: Mon Nov 26 19:58:53 2007\n"
+"POT-Creation-Date: Mon Dec 3 20:27:32 2007\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <[EMAIL PROTECTED]>\n"
"Language-Team: LANGUAGE <[EMAIL PROTECTED]>\n"
@@ -766,13 +766,13 @@
#: Mailman/Gui/Bounce.py:155 Mailman/Gui/ContentFilter.py:74
#: Mailman/Gui/ContentFilter.py:116 Mailman/Gui/ContentFilter.py:120
#: Mailman/Gui/Digest.py:46 Mailman/Gui/Digest.py:62 Mailman/Gui/Digest.py:84
-#: Mailman/Gui/Digest.py:89 Mailman/Gui/General.py:154
-#: Mailman/Gui/General.py:160 Mailman/Gui/General.py:238
-#: Mailman/Gui/General.py:265 Mailman/Gui/General.py:292
-#: Mailman/Gui/General.py:303 Mailman/Gui/General.py:306
-#: Mailman/Gui/General.py:316 Mailman/Gui/General.py:321
-#: Mailman/Gui/General.py:327 Mailman/Gui/General.py:347
-#: Mailman/Gui/General.py:375 Mailman/Gui/General.py:398
+#: Mailman/Gui/Digest.py:89 Mailman/Gui/General.py:156
+#: Mailman/Gui/General.py:162 Mailman/Gui/General.py:240
+#: Mailman/Gui/General.py:267 Mailman/Gui/General.py:294
+#: Mailman/Gui/General.py:305 Mailman/Gui/General.py:308
+#: Mailman/Gui/General.py:318 Mailman/Gui/General.py:323
+#: Mailman/Gui/General.py:329 Mailman/Gui/General.py:349
+#: Mailman/Gui/General.py:381 Mailman/Gui/General.py:404
#: Mailman/Gui/NonDigest.py:45 Mailman/Gui/NonDigest.py:53
#: Mailman/Gui/NonDigest.py:140 Mailman/Gui/Privacy.py:110
#: Mailman/Gui/Privacy.py:116 Mailman/Gui/Privacy.py:149
@@ -793,13 +793,13 @@
#: Mailman/Gui/ContentFilter.py:74 Mailman/Gui/ContentFilter.py:116
#: Mailman/Gui/ContentFilter.py:120 Mailman/Gui/Digest.py:46
#: Mailman/Gui/Digest.py:62 Mailman/Gui/Digest.py:84 Mailman/Gui/Digest.py:89
-#: Mailman/Gui/General.py:154 Mailman/Gui/General.py:160
-#: Mailman/Gui/General.py:238 Mailman/Gui/General.py:265
-#: Mailman/Gui/General.py:292 Mailman/Gui/General.py:303
-#: Mailman/Gui/General.py:306 Mailman/Gui/General.py:316
-#: Mailman/Gui/General.py:321 Mailman/Gui/General.py:327
-#: Mailman/Gui/General.py:347 Mailman/Gui/General.py:375
-#: Mailman/Gui/General.py:398 Mailman/Gui/NonDigest.py:45
+#: Mailman/Gui/General.py:156 Mailman/Gui/General.py:162
+#: Mailman/Gui/General.py:240 Mailman/Gui/General.py:267
+#: Mailman/Gui/General.py:294 Mailman/Gui/General.py:305
+#: Mailman/Gui/General.py:308 Mailman/Gui/General.py:318
+#: Mailman/Gui/General.py:323 Mailman/Gui/General.py:329
+#: Mailman/Gui/General.py:349 Mailman/Gui/General.py:381
+#: Mailman/Gui/General.py:404 Mailman/Gui/NonDigest.py:45
#: Mailman/Gui/NonDigest.py:53 Mailman/Gui/NonDigest.py:140
#: Mailman/Gui/Privacy.py:110 Mailman/Gui/Privacy.py:116
#: Mailman/Gui/Privacy.py:149 Mailman/Gui/Privacy.py:197
@@ -3427,7 +3427,7 @@
" Is Disabled</em> warnings. This value must be an integer."
msgstr ""
-#: Mailman/Gui/Bounce.py:117 Mailman/Gui/General.py:263
+#: Mailman/Gui/Bounce.py:117 Mailman/Gui/General.py:265
msgid "Notifications"
msgstr ""
@@ -3777,41 +3777,41 @@
" "
msgstr ""
-#: Mailman/Gui/General.py:34
+#: Mailman/Gui/General.py:36
msgid "General Options"
msgstr ""
-#: Mailman/Gui/General.py:48
+#: Mailman/Gui/General.py:50
msgid "Conceal the member's address"
msgstr ""
-#: Mailman/Gui/General.py:49
+#: Mailman/Gui/General.py:51
msgid "Acknowledge the member's posting"
msgstr ""
-#: Mailman/Gui/General.py:50
+#: Mailman/Gui/General.py:52
msgid "Do not send a copy of a member's own post"
msgstr ""
-#: Mailman/Gui/General.py:52
+#: Mailman/Gui/General.py:54
msgid "Filter out duplicate messages to list members (if possible)"
msgstr ""
-#: Mailman/Gui/General.py:59
+#: Mailman/Gui/General.py:61
msgid ""
"Fundamental list characteristics, including descriptive\n"
" info and basic behaviors."
msgstr ""
-#: Mailman/Gui/General.py:62
+#: Mailman/Gui/General.py:64
msgid "General list personality"
msgstr ""
-#: Mailman/Gui/General.py:65
+#: Mailman/Gui/General.py:67
msgid "The public name of this list (make case-changes only)."
msgstr ""
-#: Mailman/Gui/General.py:66
+#: Mailman/Gui/General.py:68
msgid ""
"The capitalization of this name can be changed to make it\n"
" presentable in polite company as a proper noun, or to make an\n"
@@ -3822,13 +3822,13 @@
" almost everything else :-)"
msgstr ""
-#: Mailman/Gui/General.py:75
+#: Mailman/Gui/General.py:77
msgid ""
"The list administrator email addresses. Multiple\n"
" administrator addresses, each on separate line is okay."
msgstr ""
-#: Mailman/Gui/General.py:78
+#: Mailman/Gui/General.py:80
msgid ""
"There are two ownership roles associated with each mailing\n"
" list. The <em>list administrators</em> are the people who
have\n"
@@ -3851,13 +3851,13 @@
" are changing here specifies the list administrators."
msgstr ""
-#: Mailman/Gui/General.py:99
+#: Mailman/Gui/General.py:101
msgid ""
"The list moderator email addresses. Multiple\n"
" moderator addresses, each on separate line is okay."
msgstr ""
-#: Mailman/Gui/General.py:102
+#: Mailman/Gui/General.py:104
msgid ""
"There are two ownership roles associated with each mailing\n"
" list. The <em>list administrators</em> are the people who
have\n"
@@ -3880,11 +3880,11 @@
" specifies the list moderators."
msgstr ""
-#: Mailman/Gui/General.py:123
+#: Mailman/Gui/General.py:125
msgid "A terse phrase identifying this list."
msgstr ""
-#: Mailman/Gui/General.py:125
+#: Mailman/Gui/General.py:127
msgid ""
"This description is used when the mailing list is listed with\n"
" other mailing lists, or in headers, and so forth. It
should\n"
@@ -3892,7 +3892,7 @@
" the list is."
msgstr ""
-#: Mailman/Gui/General.py:131
+#: Mailman/Gui/General.py:133
msgid ""
"An introductory description - a few paragraphs - about the\n"
" list. It will be included, as html, at the top of the
listinfo\n"
@@ -3900,7 +3900,7 @@
" for more info."
msgstr ""
-#: Mailman/Gui/General.py:135
+#: Mailman/Gui/General.py:137
msgid ""
"The text will be treated as html <em>except</em> that\n"
" newlines will be translated to <br> - so you can use
links,\n"
@@ -3910,11 +3910,11 @@
" display of the entire listinfo page."
msgstr ""
-#: Mailman/Gui/General.py:143
+#: Mailman/Gui/General.py:145
msgid "Prefix for subject line of list postings."
msgstr ""
-#: Mailman/Gui/General.py:144
+#: Mailman/Gui/General.py:146
msgid ""
"This text will be prepended to subject lines of messages\n"
" posted to the list, to distinguish mailing list messages in\n"
@@ -3927,17 +3927,17 @@
" "
msgstr ""
-#: Mailman/Gui/General.py:155
+#: Mailman/Gui/General.py:157
msgid ""
"Hide the sender of a message, replacing it with the list\n"
" address (Removes From, Sender and Reply-To fields)"
msgstr ""
-#: Mailman/Gui/General.py:158
+#: Mailman/Gui/General.py:160
msgid "<tt>Reply-To:</tt> header munging"
msgstr ""
-#: Mailman/Gui/General.py:161
+#: Mailman/Gui/General.py:163
msgid ""
"Should any existing <tt>Reply-To:</tt> header found in the\n"
" original message be stripped? If so, this will be done\n"
@@ -3945,26 +3945,26 @@
" added by Mailman or not."
msgstr ""
-#: Mailman/Gui/General.py:167
+#: Mailman/Gui/General.py:169
msgid "Explicit address"
msgstr ""
-#: Mailman/Gui/General.py:167
+#: Mailman/Gui/General.py:169
msgid "Poster"
msgstr ""
-#: Mailman/Gui/General.py:167
+#: Mailman/Gui/General.py:169
msgid "This list"
msgstr ""
-#: Mailman/Gui/General.py:168
+#: Mailman/Gui/General.py:170
msgid ""
"Where are replies to list messages directed?\n"
" <tt>Poster</tt> is <em>strongly</em> recommended for most
mailing\n"
" lists."
msgstr ""
-#: Mailman/Gui/General.py:173
+#: Mailman/Gui/General.py:175
msgid ""
"This option controls what Mailman does to the\n"
" <tt>Reply-To:</tt> header in messages flowing through this\n"
@@ -3998,11 +3998,11 @@
" list."
msgstr ""
-#: Mailman/Gui/General.py:205
+#: Mailman/Gui/General.py:207
msgid "Explicit <tt>Reply-To:</tt> header."
msgstr ""
-#: Mailman/Gui/General.py:207
+#: Mailman/Gui/General.py:209
msgid ""
"This is the address set in the <tt>Reply-To:</tt> header\n"
" when the <a\n"
@@ -4034,17 +4034,17 @@
" <tt>Reply-To:</tt> header, it will not be changed."
msgstr ""
-#: Mailman/Gui/General.py:236
+#: Mailman/Gui/General.py:238
msgid "Umbrella list settings"
msgstr ""
-#: Mailman/Gui/General.py:239
+#: Mailman/Gui/General.py:241
msgid ""
"Send password reminders to, eg, \"-owner\" address instead of\n"
" directly to user."
msgstr ""
-#: Mailman/Gui/General.py:242
+#: Mailman/Gui/General.py:244
msgid ""
"Set this to yes when this list is intended to cascade only\n"
" to other mailing lists. When set, meta notices like\n"
@@ -4054,14 +4054,14 @@
" account name."
msgstr ""
-#: Mailman/Gui/General.py:250
+#: Mailman/Gui/General.py:252
msgid ""
"Suffix for use when this list is an umbrella for other\n"
" lists, according to setting of previous \"umbrella_list\"\n"
" setting."
msgstr ""
-#: Mailman/Gui/General.py:254
+#: Mailman/Gui/General.py:256
msgid ""
"When \"umbrella_list\" is set to indicate that this list has\n"
" other mailing lists as members, then administrative notices
like\n"
@@ -4073,24 +4073,24 @@
" is \"No\"."
msgstr ""
-#: Mailman/Gui/General.py:266
+#: Mailman/Gui/General.py:268
msgid "Send monthly password reminders?"
msgstr ""
-#: Mailman/Gui/General.py:268
+#: Mailman/Gui/General.py:270
msgid ""
"Turn this on if you want password reminders to be sent once\n"
" per month to your members. Note that members may disable
their\n"
" own individual password reminders."
msgstr ""
-#: Mailman/Gui/General.py:273
+#: Mailman/Gui/General.py:275
msgid ""
"List-specific text prepended to new-subscriber welcome\n"
" message"
msgstr ""
-#: Mailman/Gui/General.py:276
+#: Mailman/Gui/General.py:278
msgid ""
"This value, if any, will be added to the front of the\n"
" new-subscriber welcome message. The rest of the welcome
message\n"
@@ -4109,11 +4109,11 @@
" </ul>"
msgstr ""
-#: Mailman/Gui/General.py:293
+#: Mailman/Gui/General.py:295
msgid "Send welcome message to newly subscribed members?"
msgstr ""
-#: Mailman/Gui/General.py:294
+#: Mailman/Gui/General.py:296
msgid ""
"Turn this off only if you plan on subscribing people manually\n"
" and don't want them to know that you did so. This option is
most\n"
@@ -4121,23 +4121,23 @@
" list manager to Mailman."
msgstr ""
-#: Mailman/Gui/General.py:300
+#: Mailman/Gui/General.py:302
msgid ""
"Text sent to people leaving the list. If empty, no special\n"
" text will be added to the unsubscribe message."
msgstr ""
-#: Mailman/Gui/General.py:304
+#: Mailman/Gui/General.py:306
msgid "Send goodbye message to members when they are unsubscribed?"
msgstr ""
-#: Mailman/Gui/General.py:307
+#: Mailman/Gui/General.py:309
msgid ""
"Should the list moderators get immediate notice of new\n"
" requests, as well as daily notices about collected ones?"
msgstr ""
-#: Mailman/Gui/General.py:310
+#: Mailman/Gui/General.py:312
msgid ""
"List moderators (and list administrators) are sent daily\n"
" reminders of requests pending approval, like subscriptions to
a\n"
@@ -4146,25 +4146,25 @@
" immediately on the arrival of new requests as well."
msgstr ""
-#: Mailman/Gui/General.py:317
+#: Mailman/Gui/General.py:319
msgid ""
"Should administrator get notices of subscribes and\n"
" unsubscribes?"
msgstr ""
-#: Mailman/Gui/General.py:322
+#: Mailman/Gui/General.py:324
msgid "Send mail to poster when their posting is held for approval?"
msgstr ""
-#: Mailman/Gui/General.py:325
+#: Mailman/Gui/General.py:327
msgid "Additional settings"
msgstr ""
-#: Mailman/Gui/General.py:328
+#: Mailman/Gui/General.py:330
msgid "Emergency moderation of all list traffic."
msgstr ""
-#: Mailman/Gui/General.py:329
+#: Mailman/Gui/General.py:331
msgid ""
"When this option is enabled, all list traffic is emergency\n"
" moderated, i.e. held for moderation. Turn this option on when\n"
@@ -4172,25 +4172,25 @@
" period."
msgstr ""
-#: Mailman/Gui/General.py:341
+#: Mailman/Gui/General.py:343
msgid ""
"Default options for new members joining this list.<input\n"
" type=\"hidden\" name=\"new_member_options\" value=\"ignore\">"
msgstr ""
-#: Mailman/Gui/General.py:344
+#: Mailman/Gui/General.py:346
msgid ""
"When a new member is subscribed to this list, their initial\n"
" set of options is taken from the this variable's setting."
msgstr ""
-#: Mailman/Gui/General.py:348
+#: Mailman/Gui/General.py:350
msgid ""
"(Administrivia filter) Check postings and intercept ones\n"
" that seem to be administrative requests?"
msgstr ""
-#: Mailman/Gui/General.py:351
+#: Mailman/Gui/General.py:353
msgid ""
"Administrivia tests will check postings to see whether it's\n"
" really meant as an administrative request (like subscribe,\n"
@@ -4199,17 +4199,23 @@
" in the process."
msgstr ""
-#: Mailman/Gui/General.py:358
+#: Mailman/Gui/General.py:360
msgid ""
"Maximum length in kilobytes (KB) of a message body. Use 0\n"
" for no limit."
msgstr ""
-#: Mailman/Gui/General.py:362
+#: Mailman/Gui/General.py:364
+msgid ""
+"Maximum number of members to show on one page of the\n"
+" Membership List."
+msgstr ""
+
+#: Mailman/Gui/General.py:368
msgid "Host name this list prefers for email."
msgstr ""
-#: Mailman/Gui/General.py:364
+#: Mailman/Gui/General.py:370
msgid ""
"The \"host_name\" is the preferred name for email to\n"
" mailman-related addresses on this host, and generally should
be\n"
@@ -4218,7 +4224,7 @@
" multiple addresses."
msgstr ""
-#: Mailman/Gui/General.py:376
+#: Mailman/Gui/General.py:382
msgid ""
"Should messages from this mailing list include the\n"
" <a href=\"http://www.faqs.org/rfcs/rfc2369.html\";>RFC
2369</a>\n"
@@ -4226,7 +4232,7 @@
" recommended."
msgstr ""
-#: Mailman/Gui/General.py:381
+#: Mailman/Gui/General.py:387
msgid ""
"RFC 2369 defines a set of List-* headers that are\n"
" normally added to every message sent to the list
membership.\n"
@@ -4243,11 +4249,11 @@
" these headers may eventually go away)."
msgstr ""
-#: Mailman/Gui/General.py:399
+#: Mailman/Gui/General.py:405
msgid "Should postings include the <tt>List-Post:</tt> header?"
msgstr ""
-#: Mailman/Gui/General.py:400
+#: Mailman/Gui/General.py:406
msgid ""
"The <tt>List-Post:</tt> header is one of the headers\n"
" recommended by\n"
@@ -4261,20 +4267,20 @@
" headers.)"
msgstr ""
-#: Mailman/Gui/General.py:415
+#: Mailman/Gui/General.py:421
msgid ""
"Discard held messages older than this number of days.\n"
" Use 0 for no automatic discarding."
msgstr ""
-#: Mailman/Gui/General.py:425
+#: Mailman/Gui/General.py:431
msgid ""
"<b>real_name</b> attribute not\n"
" changed! It must differ from the list's name by case\n"
" only."
msgstr ""
-#: Mailman/Gui/General.py:442
+#: Mailman/Gui/General.py:448
msgid ""
"The <b>info</b> attribute you saved\n"
"contains suspicious HTML that could potentially expose your users to
cross-site\n"
@@ -4287,6 +4293,12 @@
#: Mailman/Gui/General.py:459
msgid ""
+"<b>admin_member_chunksize</b> attribute not\n"
+" changed! It must be an integer > 0."
+msgstr ""
+
+#: Mailman/Gui/General.py:469
+msgid ""
"You cannot add a Reply-To: to an explicit\n"
" address if that address is blank. Resetting these values."
msgstr ""
--
https://code.launchpad.net/~mailman-coders/mailman/2.1
You are receiving this branch notification because you are subscribed to it.
To unsubscribe from this branch go to
https://code.launchpad.net/~mailman-coders/mailman/2.1/+subscription/mailman-checkins.
_______________________________________________
Mailman-checkins mailing list
[email protected]
Unsubscribe:
http://mail.python.org/mailman/options/mailman-checkins/archive%40jab.org
