Index: NEWS =================================================================== RCS file: /cvsroot/mailman/mailman/NEWS,v retrieving revision 1.25.2.2 retrieving revision 1.25.2.4 diff -u -r1.25.2.2 -r1.25.2.4 --- NEWS 2001/03/03 06:51:26 1.25.2.2 +++ NEWS 2001/03/12 19:32:10 1.25.2.4 @@ -1,8 +1,15 @@ Mailman - The GNU Mailing List Management System -Copyright (C) 1998,1999,2000 by the Free Software Foundation, Inc. +Copyright (C) 1998,1999,2000,2001 by the Free Software Foundation, Inc. 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA Here is a history of user visible changes to Mailman. + +2.0.3 (12-Mar-2001) + + Bug fix release. There was a small typo in 2.0.2 in ListAdmin.py + for approving an already subscribed member (thanks Thomas!). + Also, an update to the OpenWall security workaround + (contrib/securelinux_fix.py) was included. Thanks to Marc Merlin. 2.0.2 (03-Mar-2001) Index: README.LINUX =================================================================== RCS file: /cvsroot/mailman/mailman/README.LINUX,v retrieving revision 1.6 retrieving revision 1.6.2.1 diff -u -r1.6 -r1.6.2.1 --- README.LINUX 2000/09/19 17:25:23 1.6 +++ README.LINUX 2001/03/12 19:21:50 1.6.2.1 @@ -1,5 +1,5 @@ Mailman - The GNU Mailing List Management System -Copyright (C) 1998,1999,2000 by the Free Software Foundation, Inc. +Copyright (C) 1998,1999,2000,2001 by the Free Software Foundation, Inc. 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA GNU/LINUX ISSUES 
@@ -14,6 +14,11 @@ can cause "Operation not permitted" errors in MailList.Save() -- you will see a traceback. You must turn restricted hardlinks off. This is also known under the name of Openwall Security Patches. + +There is a workaround for this problem, you can use securelinux_fix.py +in the contrib directory (see the README.securelinux_fix.py). Note +that the script will not work until you move it in your installed +Mailman tree in the bin directory. Index: Mailman/ListAdmin.py =================================================================== RCS file: /cvsroot/mailman/mailman/Mailman/ListAdmin.py,v retrieving revision 1.47.2.1 retrieving revision 1.47.2.4 diff -u -r1.47.2.1 -r1.47.2.4 --- Mailman/ListAdmin.py 2001/03/02 23:32:15 1.47.2.1 +++ Mailman/ListAdmin.py 2001/03/07 23:26:49 1.47.2.4 @@ -1,4 +1,4 @@ -# Copyright (C) 1998,1999,2000 by the Free Software Foundation, Inc. +# Copyright (C) 1998,1999,2000,2001 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -327,8 +327,8 @@ # subscribe assert value == mm_cfg.SUBSCRIBE try: - self.ApprovedAddMember(addr, password, digest, lang) - except Errors.MMAlreadyMember: + self.ApprovedAddMember(addr, password, digest) + except Errors.MMAlreadyAMember: # User has already been subscribed, after sending the request pass # TBD: disgusting hack: ApprovedAddMember() can end up closing Index: Mailman/Version.py =================================================================== RCS file: /cvsroot/mailman/mailman/Mailman/Version.py,v retrieving revision 1.20.2.2 retrieving revision 1.20.2.3 diff -u -r1.20.2.2 -r1.20.2.3 --- Mailman/Version.py 2001/03/03 06:19:15 1.20.2.2 +++ Mailman/Version.py 2001/03/07 23:25:41 1.20.2.3 
@@ -15,7 +15,7 @@ # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # Mailman version -VERSION = "2.0.2" +VERSION = "2.0.3" # And as a hex number in the manner of PY_VERSION_HEX ALPHA = 0xa @@ -27,7 +27,7 @@ MAJOR_REV = 2 MINOR_REV = 0 -MICRO_REV = 2 +MICRO_REV = 3 REL_LEVEL = FINAL # at most 15 beta releases! REL_SERIAL = 0 Index: admin/www/download.ht =================================================================== RCS file: /cvsroot/mailman/mailman/admin/www/download.ht,v retrieving revision 1.5.2.2 retrieving revision 1.5.2.4 diff -u -r1.5.2.2 -r1.5.2.4 --- admin/www/download.ht 2001/03/03 06:18:47 1.5.2.2 +++ admin/www/download.ht 2001/03/12 19:33:49 1.5.2.4 @@ -65,9 +65,9 @@ <h3>Downloading</h3> <p>Version -(<!-VERSION--->2.0.2<!-VERSION--->, +(<!-VERSION--->2.0.3<!-VERSION--->, released on -<!-DATE--->Mar 3 2001<!-DATE--->) +<!-DATE--->Mar 12 2001<!-DATE--->) is the current GNU release. It is available from the following mirror sites: <ul> Index: admin/www/download.html =================================================================== RCS file: /cvsroot/mailman/mailman/admin/www/download.html,v retrieving revision 1.6.2.4 retrieving revision 1.6.2.6 diff -u -r1.6.2.4 -r1.6.2.6 --- admin/www/download.html 2001/03/03 06:18:47 1.6.2.4 +++ admin/www/download.html 2001/03/12 19:33:49 1.6.2.6 @@ -1,6 +1,6 @@ <HTML> <!-- THIS PAGE IS AUTOMATICALLY GENERATED. DO NOT EDIT. --> -<!-- Sat Mar 3 01:06:34 2001 --> +<!-- Mon Mar 12 14:32:38 2001 --> <!-- USING HT2HTML 1.1 --> <!-- SEE http://www.wooz.org/barry/software/pyware.html --> <!-- User-specified headers: 
@@ -237,9 +237,9 @@ <h3>Downloading</h3> <p>Version -(<!-VERSION--->2.0.2<!-VERSION--->, +(<!-VERSION--->2.0.3<!-VERSION--->, released on -<!-DATE--->Mar 3 2001<!-DATE--->) +<!-DATE--->Mar 12 2001<!-DATE--->) is the current GNU release. It is available from the following mirror sites: <ul> Index: contrib/README.securelinux_fix =================================================================== RCS file: README.securelinux_fix diff -N README.securelinux_fix --- /dev/null Mon Dec 11 17:26:27 2000 +++ contrib/README.securelinux_fix Mon Mar 12 11:49:35 2001 @@ -0,0 +1,12 @@ +The securelinux_fix.py script, if copied in your installed +~mailman/bin/ directory and run from there will modify permissions of +files so that Mailman works despite the securelinux (aka openwall) +symbolic and hard link restrictions. + +The way it works is that it makes sure that the UID of any script that +touches config.db is `mailman'. What this means however is that +scripts in ~mailman/bin will now only work if run as user mailman or +root (the script then changes its UID and GID to mailman). + +Enjoy +Marc MERLIN <marcsoft@merlins.org>/<marc_bts@valinux.com> Index: contrib/securelinux_fix.py =================================================================== RCS file: /cvsroot/mailman/mailman/contrib/securelinux_fix.py,v retrieving revision 1.2 retrieving revision 1.2.2.1 diff -u -r1.2 -r1.2.2.1 --- contrib/securelinux_fix.py 2000/11/09 02:07:01 1.2 +++ contrib/securelinux_fix.py 2001/03/12 19:25:04 1.2.2.1 @@ -1,6 +1,6 @@ #! /usr/bin/env python # -# Copyright (C) 1998,1999,2000 by the Free Software Foundation, Inc. +# Copyright (C) 1998,1999,2000,2001 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License 
@@ -25,12 +25,12 @@ Mailman. The idea is that config.db files have to be owned by the mailman UID and only touched by programs that are UID mailman. -If you have to run check_perms -f, make sure to also run %(PROGRAM) -f, which -applies the necessary permission fixes +If you have to run check_perms -f, make sure to also run securelinux_fix.py +-f, which applies the necessary permission fixes. -As a result, to prevent anyone from running priviledged Mailman commands -\(since the scripts are suid), binary commands that are changed to be SUID are -also unreadable and unrunable by people who aren't in the mailman group. This +As a result, to prevent anyone from running privileged Mailman commands (since +the scripts are suid), binary commands that are changed to be SUID are also +unreadable and unrunnable by people who aren't in the mailman group. This shouldn't affect much since most of those commands would fail work if you weren't part of the mailman group anyway. @@ -45,8 +45,6 @@ from Mailman import mm_cfg from Mailman.mm_cfg import MAILMAN_UID, MAILMAN_GID from stat import * - -PROGRAM = sys.argv[0] # Those are the programs that we patch so that they insist being run under the # mailman uid or as root.
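Review bot: In the README.LINUX hunk (@@ -14,6 +14,11 @@), the added paragraph points readers to "README.securelinux_fix.py", but the file this patch adds is contrib/README.securelinux_fix, without the .py suffix. Please make the reference match the real file name. The same paragraph says to "move" the script into the bin directory while the new README says "copied"; use one wording so the two documents agree.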
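Review bot: In the Mailman/ListAdmin.py hunk (@@ -327,8 +327,8 @@), the call changes from ApprovedAddMember(addr, password, digest, lang) to ApprovedAddMember(addr, password, digest) in the same edit that corrects the exception name to Errors.MMAlreadyAMember, but the NEWS entry only mentions a typo for approving an already subscribed member. Please record in NEWS or the commit message why lang is dropped. Because the name in an except clause is only looked up when the call actually raises, the misspelling went unnoticed until that path ran; a test that approves a pending request for an address that is already subscribed would catch a regression here.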
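Review bot: In contrib/README.securelinux_fix (@@ -0,0 +1,12 @@), the second paragraph says scripts in ~mailman/bin "will now only work if run as user mailman or root", while the docstring in contrib/securelinux_fix.py describes the patched commands as SUID and unreadable and unrunnable by people outside the mailman group. The two descriptions of who may run what do not line up. Please state in one place which files are changed, to what owner and mode, and who can run them afterwards, so an administrator can audit the result. The README also omits the -f option that the docstring tells users to run after check_perms -f.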
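Review bot: In the contrib/securelinux_fix.py docstring hunk (@@ -25,12 +25,12 @@), the unchanged context line still reads "would fail work if you weren't part of the mailman group". Since this hunk already corrects "priviledged" and "unrunable" in the same paragraph, please fix that sentence too ("would fail to work").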
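Review bot: In the contrib/securelinux_fix.py hunk at @@ -45,8 +45,6 @@, PROGRAM = sys.argv[0] is removed, but the patch only shows the docstring reference to %(PROGRAM) being replaced. Please confirm no other use of PROGRAM remains in the file (a usage or error message, for example), otherwise that path will fail with a NameError when it is reached.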