Last modified: 2014-11-17 09:21:09 UTC
Created attachment 7176 [details] Mailmans changes 2.1.9 -> 2.1.13 We are currently running 2.1.9 and the latest stable is currently 2.1.13 (December '09). The last few revisions have apparently been "dedicated" dealing with security issues from my understanding of reading another mailing list. Also since I can never find the change log on their site I'm attaching a copy from their package (showing 2.1.9 -> 2.1.13 changes) (Also cc'ing, Cary since he is involved with mailing lists.)
(In reply to comment #0) > (Also cc'ing, Cary since he is involved with mailing lists.) AFAIK, he just handles creating mailing lists. Fred has been doing more in-depth stuff.
(In reply to comment #1) > AFAIK, he just handles creating mailing lists. Fred has been doing more > in-depth stuff. He does, but there's nothing wrong with keeping him in the loop, hence the CC. :-)
(In reply to comment #2) > He does, but there's nothing wrong with keeping him in the loop, hence the CC. It was just an excuse to ping Fred via CC to get attention :D
(In reply to comment #3) > (In reply to comment #2) > > He does, but there's nothing wrong with keeping him in the loop, hence the CC. > > It was just an excuse to ping Fred via CC to get attention :D Too bad it dun work :(
The current stable GNU Mailman version is 2.1.14, released on 20-Sep-2010.
According to Mark yesterday (February 4, 2011) in #wikimedia-operations: "mailman will be moved to a new box and upgraded in the process soon"
(In reply to comment #6) > According to Mark yesterday (February 4, 2011) in #wikimedia-operations: > "mailman will be moved to a new box and upgraded in the process soon" Does anyone know if it was ever moved? Bark?
Removing "shell" keyword for things that aren't directly doable by shell users etc
Adding ops keyword
Removing shell keyword if exists
http://rt.wikimedia.org/Ticket/Display.html?id=1176
Mailman 2.1.9 being vulnerable to various XSS attacks has been reported in OTRS ticket 2011082210003661, too. According to http://www.list.org/, the current stable GNU Mailman version is 2.1.14, released on 20-Sep-2010, as also mentioned almost a year ago in comment 5 by Ashar.
(In reply to comment #12) > Mailman 2.1.9 being vulnerable to various XSS attacks has been reported in OTRS > ticket 2011082210003661, too. According to http://www.list.org/, the current > stable GNU Mailman version is 2.1.14, released on 20-Sep-2010, as also > mentioned almost a year ago in comment 5 by Ashar. If there are XSS vulnerabilities, that warrants an increased importance rating, in my view. And makes this no longer an enhancement. Not that these drop-downs really mean much, but still...
Mailman has been moved to a new server, and in the process was upgraded to the version in Ubuntu Lucid, 2.1.13.