Hmm it seams released in April 2015, but anyway it's been some time since the release. It's not mentionned in the Operations issue tracker <https://github.com/openstreetmap/operations/issues>, maybe you could open an issue there to suggest upgrading to mailman 3. But it seems to be a rewrite of mailman, so it may be not trivial to migrate to this version.
Another point : This password is not secure, but what the worst that could happen with it ? As long as one don't reuse it on other applications (as warned during registration), the only action an attacker could do would be to unsubscribe you. Not really catastrophic 2017-11-25 12:55 GMT+01:00 Colin Smale <colin.sm...@xs4all.nl>: > On 2017-11-25 11:53, Éric Gillet wrote: > > This is non-ideal, but you were warned during your account creation that > this password is to be considered non-secure : > > > You may enter a privacy password below. This provides only mild > security, but should prevent others from messing with your subscription. Do > not use a valuable password as it will occasionally be emailed back to you > in cleartext. > > > Thanks Éric, I admit that "I was warned" but I still find it scandalous in > this day and age... It seems this shortcoming in mailman was fixed in V3, > released in 2014. I read here that V3 no longer stores > unencrypted/decryptable passwords: > > https://mail.python.org/pipermail/mailman-users/2014-July/077411.html > > Are we still running V2.1? > > //colin > > _______________________________________________ > talk mailing list > talk@openstreetmap.org > https://lists.openstreetmap.org/listinfo/talk > >
_______________________________________________ talk mailing list talk@openstreetmap.org https://lists.openstreetmap.org/listinfo/talk
