[Pkg-mailman-hackers] Pkg-mailman commit - rev 675 - trunk/debian/patches
Thijs Kinkhorst
thijs at alioth.debian.org
Wed Feb 16 18:48:15 UTC 2011
Author: thijs
Date: 2011-02-16 18:48:15 +0000 (Wed, 16 Feb 2011)
New Revision: 675
Removed:
trunk/debian/patches/15_mailmanctl_daemonize.patch
trunk/debian/patches/83-CVE-2010-3089--bug599833.patch
Modified:
trunk/debian/patches/series
Log:
patches included in 2.1.14
Deleted: trunk/debian/patches/15_mailmanctl_daemonize.patch
===================================================================
--- trunk/debian/patches/15_mailmanctl_daemonize.patch 2011-02-16 18:47:50 UTC (rev 674)
+++ trunk/debian/patches/15_mailmanctl_daemonize.patch 2011-02-16 18:48:15 UTC (rev 675)
@@ -1,21 +0,0 @@
-Patch: 15_mailmanctl_daemonize.patch
-Author: Tollef Fog Heen <tfheen at debian.org>
-Daemonize mailmanctl properly (Closes: #175175)
-Index: b/bin/mailmanctl
-===================================================================
---- a/bin/mailmanctl 2010-05-24 17:50:50.000000000 +0200
-+++ b/bin/mailmanctl 2010-05-24 17:51:01.000000000 +0200
-@@ -417,6 +417,13 @@
- # won't be opening any terminal devices, don't do the ultra-paranoid
- # suggestion of doing a second fork after the setsid() call.
- os.setsid()
-+
-+ # Be sure to close any open std{in,out,err}
-+ devnull = os.open('/dev/null', 0)
-+ os.dup2(devnull, 0)
-+ os.dup2(devnull, 1)
-+ os.dup2(devnull, 2)
-+
- # Instead of cd'ing to root, cd to the Mailman installation home
- os.chdir(mm_cfg.PREFIX)
- # Set our file mode creation umask
Deleted: trunk/debian/patches/83-CVE-2010-3089--bug599833.patch
===================================================================
--- trunk/debian/patches/83-CVE-2010-3089--bug599833.patch 2011-02-16 18:47:50 UTC (rev 674)
+++ trunk/debian/patches/83-CVE-2010-3089--bug599833.patch 2011-02-16 18:48:15 UTC (rev 675)
@@ -1,262 +0,0 @@
-From a745670e2c3325fa49b222a533c4ed4bf3f4368e Mon Sep 17 00:00:00 2001
-From: Jari Aalto <jari.aalto at cante.net>
-Date: Fri, 15 Oct 2010 12:23:47 +0300
-Subject: [PATCH] CVE-2010-3089 Fixes from mailman 2.14 by <d+deb at vdr.jp>
-Organization: Private
-Content-Type: text/plain; charset="utf-8"
-Content-Transfer-Encoding: 8bit
-
-Signed-off-by: Jari Aalto <jari.aalto at cante.net>
----
- Mailman/Cgi/listinfo.py | 4 +-
- Mailman/HTMLFormatter.py | 7 +-
- Mailman/Utils.py | 187 +++++++++++++++++++++++-----------------------
- 3 files changed, 100 insertions(+), 98 deletions(-)
-
-diff --git a/Mailman/Cgi/listinfo.py b/Mailman/Cgi/listinfo.py
-index 5b96590..4a54517 100644
---- a/Mailman/Cgi/listinfo.py
-+++ b/Mailman/Cgi/listinfo.py
-@@ -1,4 +1,4 @@
--# Copyright (C) 1998-2009 by the Free Software Foundation, Inc.
-+# Copyright (C) 1998-2010 by the Free Software Foundation, Inc.
- #
- # This program is free software; you can redistribute it and/or
- # modify it under the terms of the GNU General Public License
-@@ -94,7 +94,7 @@ def listinfo_overview(msg=''):
- else:
- advertised.append((mlist.GetScriptURL('listinfo'),
- mlist.real_name,
-- mlist.description))
-+ Utils.websafe(mlist.description)))
- if msg:
- greeting = FontAttr(msg, color="ff5060", size="+1")
- else:
-diff --git a/Mailman/HTMLFormatter.py b/Mailman/HTMLFormatter.py
-index 3a21d96..dad51e7 100644
---- a/Mailman/HTMLFormatter.py
-+++ b/Mailman/HTMLFormatter.py
-@@ -1,4 +1,4 @@
--# Copyright (C) 1998-2008 by the Free Software Foundation, Inc.
-+# Copyright (C) 1998-2010 by the Free Software Foundation, Inc.
- #
- # This program is free software; you can redistribute it and/or
- # modify it under the terms of the GNU General Public License
-@@ -383,8 +383,9 @@ class HTMLFormatter:
- '<mm-mailman-footer>' : self.GetMailmanFooter(),
- '<mm-list-name>' : self.real_name,
- '<mm-email-user>' : self._internal_name,
-- '<mm-list-description>' : self.description,
-- '<mm-list-info>' : BR.join(self.info.split(NL)),
-+ '<mm-list-description>' : Utils.websafe(self.description),
-+ '<mm-list-info>' :
-+ '<!---->' + BR.join(self.info.split(NL)) + '<!---->',
- '<mm-form-end>' : self.FormatFormEnd(),
- '<mm-archive>' : self.FormatArchiveAnchor(),
- '</mm-archive>' : '</a>',
-diff --git a/Mailman/Utils.py b/Mailman/Utils.py
-index 5cba077..d5babc1 100644
---- a/Mailman/Utils.py
-+++ b/Mailman/Utils.py
-@@ -1,4 +1,4 @@
--# Copyright (C) 1998-2009 by the Free Software Foundation, Inc.
-+# Copyright (C) 1998-2010 by the Free Software Foundation, Inc.
- #
- # This program is free software; you can redistribute it and/or
- # modify it under the terms of the GNU General Public License
-@@ -911,99 +911,100 @@ _badwords = [
- # Kludge to allow the specific tag that's in the options.html template.
- '<link(?! rel="SHORTCUT ICON" href="<mm-favicon>">)',
- '<meta',
-+ '<object',
- '<script',
-- r'(?:^|\W)j(?:ava)?script(?:\W|$)',
-- r'(?:^|\W)vbs(?:cript)?(?:\W|$)',
-- r'(?:^|\W)domactivate(?:\W|$)',
-- r'(?:^|\W)domattrmodified(?:\W|$)',
-- r'(?:^|\W)domcharacterdatamodified(?:\W|$)',
-- r'(?:^|\W)domfocus(?:in|out)(?:\W|$)',
-- r'(?:^|\W)dommenuitem(?:in)?active(?:\W|$)',
-- r'(?:^|\W)dommousescroll(?:\W|$)',
-- r'(?:^|\W)domnodeinserted(?:intodocument)?(?:\W|$)',
-- r'(?:^|\W)domnoderemoved(?:fromdocument)?(?:\W|$)',
-- r'(?:^|\W)domsubtreemodified(?:\W|$)',
-- r'(?:^|\W)fscommand(?:\W|$)',
-- r'(?:^|\W)onabort(?:\W|$)',
-- r'(?:^|\W)on(?:de)?activate(?:\W|$)',
-- r'(?:^|\W)on(?:after|before)print(?:\W|$)',
-- r'(?:^|\W)on(?:after|before)update(?:\W|$)',
-- r'(?:^|\W)onbefore(?:(?:de)?activate|copy|cut|editfocus|paste)(?:\W|$)',
-- r'(?:^|\W)onbeforeunload(?:\W|$)',
-- r'(?:^|\W)onbegin(?:\W|$)',
-- r'(?:^|\W)onblur(?:\W|$)',
-- r'(?:^|\W)onbounce(?:\W|$)',
-- r'(?:^|\W)onbroadcast(?:\W|$)',
-- r'(?:^|\W)on(?:cell)?change(?:\W|$)',
-- r'(?:^|\W)oncheckboxstatechange(?:\W|$)',
-- r'(?:^|\W)on(?:dbl)?click(?:\W|$)',
-- r'(?:^|\W)onclose(?:\W|$)',
-- r'(?:^|\W)oncommand(?:update)?(?:\W|$)',
-- r'(?:^|\W)oncomposition(?:end|start)(?:\W|$)',
-- r'(?:^|\W)oncontextmenu(?:\W|$)',
-- r'(?:^|\W)oncontrolselect(?:\W|$)',
-- r'(?:^|\W)oncopy(?:\W|$)',
-- r'(?:^|\W)oncut(?:\W|$)',
-- r'(?:^|\W)ondataavailable(?:\W|$)',
-- r'(?:^|\W)ondataset(?:changed|complete)(?:\W|$)',
-- r'(?:^|\W)ondrag(?:drop|end|enter|exit|gesture|leave|over)?(?:\W|$)',
-- r'(?:^|\W)ondragstart(?:\W|$)',
-- r'(?:^|\W)ondrop(?:\W|$)',
-- r'(?:^|\W)onend(?:\W|$)',
-- r'(?:^|\W)onerror(?:update)?(?:\W|$)',
-- r'(?:^|\W)onfilterchange(?:\W|$)',
-- r'(?:^|\W)onfinish(?:\W|$)',
-- r'(?:^|\W)onfocus(?:in|out)?(?:\W|$)',
-- r'(?:^|\W)onhelp(?:\W|$)',
-- r'(?:^|\W)oninput(?:\W|$)',
-- r'(?:^|\W)onkey(?:up|down|press)(?:\W|$)',
-- r'(?:^|\W)onlayoutcomplete(?:\W|$)',
-- r'(?:^|\W)on(?:un)?load(?:\W|$)',
-- r'(?:^|\W)onlosecapture(?:\W|$)',
-- r'(?:^|\W)onmedia(?:complete|error)(?:\W|$)',
-- r'(?:^|\W)onmouse(?:down|enter|leave|move|out|over|up|wheel)(?:\W|$)',
-- r'(?:^|\W)onmove(?:end|start)?(?:\W|$)',
-- r'(?:^|\W)on(?:off|on)line(?:\W|$)',
-- r'(?:^|\W)onoutofsync(?:\W|$)',
-- r'(?:^|\W)onoverflow(?:changed)?(?:\W|$)',
-- r'(?:^|\W)onpage(?:hide|show)(?:\W|$)',
-- r'(?:^|\W)onpaint(?:\W|$)',
-- r'(?:^|\W)onpaste(?:\W|$)',
-- r'(?:^|\W)onpause(?:\W|$)',
-- r'(?:^|\W)onpopup(?:hidden|hiding|showing|shown)(?:\W|$)',
-- r'(?:^|\W)onprogress(?:\W|$)',
-- r'(?:^|\W)onpropertychange(?:\W|$)',
-- r'(?:^|\W)onradiostatechange(?:\W|$)',
-- r'(?:^|\W)onreadystatechange(?:\W|$)',
-- r'(?:^|\W)onrepeat(?:\W|$)',
-- r'(?:^|\W)onreset(?:\W|$)',
-- r'(?:^|\W)onresize(?:end|start)?(?:\W|$)',
-- r'(?:^|\W)onresume(?:\W|$)',
-- r'(?:^|\W)onreverse(?:\W|$)',
-- r'(?:^|\W)onrow(?:delete|enter|exit|inserted)(?:\W|$)',
-- r'(?:^|\W)onrows(?:delete|enter|inserted)(?:\W|$)',
-- r'(?:^|\W)onscroll(?:\W|$)',
-- r'(?:^|\W)onseek(?:\W|$)',
-- r'(?:^|\W)onselect(?:start)?(?:\W|$)',
-- r'(?:^|\W)onselectionchange(?:\W|$)',
-- r'(?:^|\W)onstart(?:\W|$)',
-- r'(?:^|\W)onstop(?:\W|$)',
-- r'(?:^|\W)onsubmit(?:\W|$)',
-- r'(?:^|\W)onsync(?:from|to)preference(?:\W|$)',
-- r'(?:^|\W)onsyncrestored(?:\W|$)',
-- r'(?:^|\W)ontext(?:\W|$)',
-- r'(?:^|\W)ontimeerror(?:\W|$)',
-- r'(?:^|\W)ontrackchange(?:\W|$)',
-- r'(?:^|\W)onunderflow(?:\W|$)',
-- r'(?:^|\W)onurlflip(?:\W|$)',
-- r'(?:^|\W)seeksegmenttime(?:\W|$)',
-- r'(?:^|\W)svgabort(?:\W|$)',
-- r'(?:^|\W)svgerror(?:\W|$)',
-- r'(?:^|\W)svgload(?:\W|$)',
-- r'(?:^|\W)svgresize(?:\W|$)',
-- r'(?:^|\W)svgscroll(?:\W|$)',
-- r'(?:^|\W)svgunload(?:\W|$)',
-- r'(?:^|\W)svgzoom(?:\W|$)',
-+ r'\bj(?:ava)?script\b',
-+ r'\bvbs(?:cript)?\b',
-+ r'\bdomactivate\b',
-+ r'\bdomattrmodified\b',
-+ r'\bdomcharacterdatamodified\b',
-+ r'\bdomfocus(?:in|out)\b',
-+ r'\bdommenuitem(?:in)?active\b',
-+ r'\bdommousescroll\b',
-+ r'\bdomnodeinserted(?:intodocument)?\b',
-+ r'\bdomnoderemoved(?:fromdocument)?\b',
-+ r'\bdomsubtreemodified\b',
-+ r'\bfscommand\b',
-+ r'\bonabort\b',
-+ r'\bon(?:de)?activate\b',
-+ r'\bon(?:after|before)print\b',
-+ r'\bon(?:after|before)update\b',
-+ r'\bonbefore(?:(?:de)?activate|copy|cut|editfocus|paste)\b',
-+ r'\bonbeforeunload\b',
-+ r'\bonbegin\b',
-+ r'\bonblur\b',
-+ r'\bonbounce\b',
-+ r'\bonbroadcast\b',
-+ r'\bon(?:cell)?change\b',
-+ r'\boncheckboxstatechange\b',
-+ r'\bon(?:dbl)?click\b',
-+ r'\bonclose\b',
-+ r'\boncommand(?:update)?\b',
-+ r'\boncomposition(?:end|start)\b',
-+ r'\boncontextmenu\b',
-+ r'\boncontrolselect\b',
-+ r'\boncopy\b',
-+ r'\boncut\b',
-+ r'\bondataavailable\b',
-+ r'\bondataset(?:changed|complete)\b',
-+ r'\bondrag(?:drop|end|enter|exit|gesture|leave|over)?\b',
-+ r'\bondragstart\b',
-+ r'\bondrop\b',
-+ r'\bonend\b',
-+ r'\bonerror(?:update)?\b',
-+ r'\bonfilterchange\b',
-+ r'\bonfinish\b',
-+ r'\bonfocus(?:in|out)?\b',
-+ r'\bonhelp\b',
-+ r'\boninput\b',
-+ r'\bonkey(?:up|down|press)\b',
-+ r'\bonlayoutcomplete\b',
-+ r'\bon(?:un)?load\b',
-+ r'\bonlosecapture\b',
-+ r'\bonmedia(?:complete|error)\b',
-+ r'\bonmouse(?:down|enter|leave|move|out|over|up|wheel)\b',
-+ r'\bonmove(?:end|start)?\b',
-+ r'\bon(?:off|on)line\b',
-+ r'\bonoutofsync\b',
-+ r'\bonoverflow(?:changed)?\b',
-+ r'\bonpage(?:hide|show)\b',
-+ r'\bonpaint\b',
-+ r'\bonpaste\b',
-+ r'\bonpause\b',
-+ r'\bonpopup(?:hidden|hiding|showing|shown)\b',
-+ r'\bonprogress\b',
-+ r'\bonpropertychange\b',
-+ r'\bonradiostatechange\b',
-+ r'\bonreadystatechange\b',
-+ r'\bonrepeat\b',
-+ r'\bonreset\b',
-+ r'\bonresize(?:end|start)?\b',
-+ r'\bonresume\b',
-+ r'\bonreverse\b',
-+ r'\bonrow(?:delete|enter|exit|inserted)\b',
-+ r'\bonrows(?:delete|enter|inserted)\b',
-+ r'\bonscroll\b',
-+ r'\bonseek\b',
-+ r'\bonselect(?:start)?\b',
-+ r'\bonselectionchange\b',
-+ r'\bonstart\b',
-+ r'\bonstop\b',
-+ r'\bonsubmit\b',
-+ r'\bonsync(?:from|to)preference\b',
-+ r'\bonsyncrestored\b',
-+ r'\bontext\b',
-+ r'\bontimeerror\b',
-+ r'\bontrackchange\b',
-+ r'\bonunderflow\b',
-+ r'\bonurlflip\b',
-+ r'\bseeksegmenttime\b',
-+ r'\bsvgabort\b',
-+ r'\bsvgerror\b',
-+ r'\bsvgload\b',
-+ r'\bsvgresize\b',
-+ r'\bsvgscroll\b',
-+ r'\bsvgunload\b',
-+ r'\bsvgzoom\b',
- ]
-
-
---
-1.7.1
-
Modified: trunk/debian/patches/series
===================================================================
--- trunk/debian/patches/series 2011-02-16 18:47:50 UTC (rev 674)
+++ trunk/debian/patches/series 2011-02-16 18:48:15 UTC (rev 675)
@@ -2,7 +2,6 @@
02_force_autoconf_2.50.patch
07_snooze.patch
10_wrapper_uid.patch
-15_mailmanctl_daemonize.patch
16_update_debian.patch
20_qmail_to_mailman.debian.patch
21_newlist_help.patch
@@ -12,11 +11,9 @@
53_disable_addons.patch
59_fix_missing_language_crash.patch
63_update_default_server_language.patch
-64_correct_html_nesting.patch
66_donot_let_cache_html_pages.patch
70_invalid_utf8_dos.patch
71_date_overflows.patch
74_admin_non-ascii_emails.patch
79_archiver_slash.patch
-83-CVE-2010-3089--bug599833.patch
99_js_templates.patch
More information about the Pkg-mailman-hackers
mailing list