Index: ACKNOWLEDGMENTS =================================================================== RCS file: /cvsroot/mailman/mailman/ACKNOWLEDGMENTS,v retrieving revision 1.35.2.1 retrieving revision 1.35.2.2 diff -u -r1.35.2.1 -r1.35.2.2 --- ACKNOWLEDGMENTS 3 Apr 2002 05:07:52 -0000 1.35.2.1 +++ ACKNOWLEDGMENTS 20 May 2002 15:07:49 -0000 1.35.2.2 @@ -62,9 +62,11 @@ Dan Mick Balazs Nagy Hrvoje Niksic + "office" Gerald Oskoboiny Sean Reifschneider Bernhard Reiter + Tristan Roddis Chris Snell Greg Stein Owen Taylor Index: FAQ =================================================================== RCS file: /cvsroot/mailman/mailman/FAQ,v retrieving revision 1.18.2.3 retrieving revision 1.18.2.4 diff -u -r1.18.2.3 -r1.18.2.4 --- FAQ 27 Nov 2001 22:45:22 -0000 1.18.2.3 +++ FAQ 19 Apr 2002 03:34:01 -0000 1.18.2.4 @@ -2,8 +2,9 @@ Copyright (C) 1998,1999,2000,2001 by the Free Software Foundation, Inc. 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA -FREQUENTLY ASKED QUESTIONS See also http://www.python.org/cgi-bin/faqw-mm.py + +FREQUENTLY ASKED QUESTIONS Q. How do you spell this program? Index: NEWS =================================================================== RCS file: /cvsroot/mailman/mailman/NEWS,v retrieving revision 1.25.2.14 retrieving revision 1.25.2.15 diff -u -r1.25.2.14 -r1.25.2.15 --- NEWS 9 Apr 2002 20:57:40 -0000 1.25.2.14 +++ NEWS 20 May 2002 15:22:32 -0000 1.25.2.15 @@ -4,6 +4,11 @@ Here is a history of user visible changes to Mailman. +2.0.11 (20-May-2002) + + - Closed two cross-site scripting vulnerabilities: one in the + admin login page, and one in the HTML archive indices. + 2.0.10 (09-Apr-2002) - Closed another small race condition. Index: Mailman/Utils.py =================================================================== RCS file: /cvsroot/mailman/mailman/Mailman/Utils.py,v retrieving revision 1.104.2.6 retrieving revision 1.104.2.8 diff -u -r1.104.2.6 -r1.104.2.8 --- Mailman/Utils.py 4 Apr 2002 21:14:23 -0000 1.104.2.6 +++ Mailman/Utils.py 20 May 2002 14:37:32 -0000 1.104.2.8 @@ -30,6 +30,7 @@ import time import socket import random +import cgi from UserDict import UserDict from types import StringType import random @@ -610,7 +611,7 @@ -def GetRequestURI(fallback=None): +def GetRequestURI(fallback=None, escape=1): """Return the full virtual path this CGI script was invoked with. Newer web servers seems to supply this info in the REQUEST_URI @@ -621,13 +622,17 @@ Optional argument `fallback' (default `None') is returned if both of the above methods fail. + The url will be cgi escaped to prevent cross-site scripting attacks, + unless `escape' is set to 0. """ + url = fallback if os.environ.has_key('REQUEST_URI'): - return os.environ['REQUEST_URI'] + url = os.environ['REQUEST_URI'] elif os.environ.has_key('SCRIPT_NAME') and os.environ.has_key('PATH_INFO'): - return os.environ['SCRIPT_NAME'] + os.environ['PATH_INFO'] - else: - return fallback + url = os.environ['SCRIPT_NAME'] + os.environ['PATH_INFO'] + if escape: + return cgi.escape(url) + return url Index: Mailman/Version.py =================================================================== RCS file: /cvsroot/mailman/mailman/Mailman/Version.py,v retrieving revision 1.20.2.10 retrieving revision 1.20.2.11 diff -u -r1.20.2.10 -r1.20.2.11 --- Mailman/Version.py 9 Apr 2002 21:06:16 -0000 1.20.2.10 +++ Mailman/Version.py 20 May 2002 15:16:08 -0000 1.20.2.11 @@ -15,7 +15,7 @@ # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # Mailman version -VERSION = "2.0.10" +VERSION = "2.0.11" # And as a hex number in the manner of PY_VERSION_HEX ALPHA = 0xa @@ -27,7 +27,7 @@ MAJOR_REV = 2 MINOR_REV = 0 -MICRO_REV = 10 +MICRO_REV = 11 REL_LEVEL = FINAL # at most 15 beta releases! REL_SERIAL = 0 Index: Mailman/Archiver/HyperArch.py =================================================================== RCS file: /cvsroot/mailman/mailman/Mailman/Archiver/HyperArch.py,v retrieving revision 1.46.2.1 retrieving revision 1.46.2.2 diff -u -r1.46.2.1 -r1.46.2.2 --- Mailman/Archiver/HyperArch.py 2 Apr 2002 23:39:35 -0000 1.46.2.1 +++ Mailman/Archiver/HyperArch.py 20 May 2002 15:02:49 -0000 1.46.2.2 @@ -58,13 +58,9 @@ def html_quote(s): - repls = ( ('&', '&'), - ("<", '<'), - (">", '>'), - ('"', '"')) - for thing, repl in repls: - s = string.replace(s, thing, repl) - return s + return cgi.escape(s, 1) + +CGIescape = html_quote def url_quote(s): return urllib.quote(s) @@ -136,10 +132,6 @@ html_charset = '' -def CGIescape(arg): - s = cgi.escape(str(arg)) - return string.replace(s, '"', '"') - # Parenthesized human name paren_name_pat = re.compile(r'([(].*[)])') @@ -877,8 +869,10 @@ subject = d.get("subject", article.subject) author = d.get("author", article.author) else: - subject = CGIescape(article.subject) - author = CGIescape(article.author) + subject = article.subject + author = article.author + subject = CGIescape(subject) + author = CGIescape(author) print index_entry_template % (urllib.quote(article.filename), subject, article.sequence, author) Index: admin/bin/faq2ht.py =================================================================== RCS file: /cvsroot/mailman/mailman/admin/bin/faq2ht.py,v retrieving revision 1.1.2.1 retrieving revision 1.1.2.2 diff -u -r1.1.2.1 -r1.1.2.2 --- admin/bin/faq2ht.py 27 Nov 2001 22:47:50 -0000 1.1.2.1 +++ admin/bin/faq2ht.py 19 Apr 2002 03:33:33 -0000 1.1.2.2 @@ -39,6 +39,9 @@ print >> out, '''\ Title: Mailman Frequently Asked Questions +See also the Mailman +FAQ Wizard for more information. +
Version -(2.0.10, +(2.0.11, released on -Apr 17 2002) +May 20 2002) is the current GNU release. It is available from the following mirror sites:
 A. You spell it "Mailman", with a leading capital "M" and a lowercase
+
 A. You spell it "Mailman", with a leading capital "M" and a lowercase
    second "m".  It is incorrect to spell it "MailMan" (i.e. you should
    not use StudlyCaps).
 
Q. I'm getting really terrible performance for outgoing messages. It Index: admin/www/faq.html =================================================================== RCS file: /cvsroot/mailman/mailman/admin/www/faq.html,v retrieving revision 1.10.2.4 retrieving revision 1.10.2.5 diff -u -r1.10.2.4 -r1.10.2.5 --- admin/www/faq.html 4 Apr 2002 18:07:26 -0000 1.10.2.4 +++ admin/www/faq.html 19 Apr 2002 03:36:23 -0000 1.10.2.5 @@ -1,7 +1,7 @@ - +
 A. You spell it "Mailman", with a leading capital "M" and a lowercase
+
 A. You spell it "Mailman", with a leading capital "M" and a lowercase
    second "m".  It is incorrect to spell it "MailMan" (i.e. you should
    not use StudlyCaps).
 
Q. I'm getting really terrible performance for outgoing messages. It