[Pkg-mailman-hackers] Bug#974944: mailman3-web won't allow single quote in postorius password
peterc at lists.sel4.systems
peterc at lists.sel4.systems
Mon Nov 16 21:19:25 GMT 2020
Package: mailman3-web
Version: 0+20180916-8
Severity: normal
Dear Maintainer,
I ran
dpkg-reconfigure mailman3-web
and created the Postorius superuser, using a password with a quotation mark
in it.
Instead of initialising the user, it threw a python exception:
I think the setup should sanitise its arguments a bit better.
Traceback (most recent call last):
File "/usr/bin/django-admin", line 21, in <module>
management.execute_from_command_line()
File "/usr/lib/python3/dist-packages/django/core/management/__init__.py", line 364, in execute_from_command_line
utility.execute()
File "/usr/lib/python3/dist-packages/django/core/management/__init__.py", line 356, in execute
self.fetch_command(subcommand).run_from_argv(self.argv)
File "/usr/lib/python3/dist-packages/django/core/management/base.py", line 283, in run_from_argv
self.execute(*args, **cmd_options)
File "/usr/lib/python3/dist-packages/django/core/management/base.py", line 330, in execute
output = self.handle(*args, **options)
File "/usr/lib/python3/dist-packages/django/core/management/commands/shell.py", line 95, in handle
exec(options['command'])
File "<string>", line 1
from django.contrib.auth.models import User; User.objects.filter(username='seL4').delete(); User.objects.create_superuser('seL4', 'root at localhost', 'a dog's life')
^
SyntaxError: invalid syntax
-- System Information:
Debian Release: 10.6
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-5-cloud-amd64 (SMP w/1 CPU core)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages mailman3-web depends on:
ii dbconfig-sqlite3 2.0.11+deb10u1
ii debconf [debconf-2.0] 1.5.71
ii lsb-base 10.2019051400
ii node-less 1.6.3~dfsg-3
ii python3 3.7.3-1
ii python3-django-hyperkitty 1.2.2-1
ii python3-django-postorius 1.2.4-1
ii python3-psycopg2 2.7.7-1
ii python3-whoosh 2.7.4+git6-g9134ad92-4
ii sassc 3.5.0-1
ii ucf 3.0038+nmu1
ii uwsgi 2.0.18-1
ii uwsgi-plugin-python3 2.0.18-1
Versions of packages mailman3-web recommends:
ii libapache2-mod-proxy-uwsgi 2.4.38-3+deb10u4
Versions of packages mailman3-web suggests:
ii postgresql 11+200+deb10u4
-- debconf information excluded
More information about the Pkg-mailman-hackers
mailing list