Re: [Mailman-Developers] [Mailman-Announce] Mailman security patch.

Mark, I just wanted to send a Thank You for the way this security patch was handled. The heads-up email was perfect and very much appreciated. Thank you also, to yourself, Barry, and ALL the Mailman Developers, for the high quality of work that goes into Mailman. -Jim P. On Thu, Sep 9, 2010 at

[Mailman-Developers] Mailman 2.1.14rc1 released.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I am happy to announce the first release candidate for the 2.1.14 release of the 2.1 stable maintenance branch of GNU Mailman. Mailman 2.1.14rc1 is mainly a bug fix release, but it contains one security fix as previously announced at

Re: [Mailman-Developers] [Mailman-Announce] Mailman security patch.

On Sep 09, 2010, at 06:46 AM, Mark Sapiro wrote: >The patch is attached. Since it only affects the web CGIs, it can be >applied and will be effective without restarting Mailman, although >since it includes a patch to Utils.py which is imported by the >qrunners, a restart of Mailman is advisable as

Re: [Mailman-Developers] [Mailman-Announce] Mailman security patch.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 9/4/2010 5:59 PM, Mark Sapiro wrote: > I plan to release a Mailman 2.1.14 candidate release towards the end of > next week (Sept 9 or 10). This release will have enhanced XSS defenses > addressing two recently discovered vulnerabilities. Since relea