While here, fix pkg-message to mention -exim4 and -postfix
derived ports that override the default MTA.
Security: 0d6efbe3-52d9-11ec-9472-e3667ed6088e
Security: CVE-2021-44227
MFH: 2021Q4
Changelog:
http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/1859/NEWS#L8
(Note the ValueError fix was already in FreeBSD's 2.1.33_1 and
- on quarterly - the 2.1.30_5 port/package versions.)
Follow POLA:
No MFH requested, as 2020Q2 and head/ have diverged too far,
so let 2020Q3 pick up the change instead.
- fixes the i18n issues in 2.1.31
- drop local patch for Spanish Castilian mailman.po file
- drop local REINPLACE_CMD for translations of the security fixed code
- uses a patch from the upstream merged rev 1814 of the htdig branch
Over the upstream 2.1.31, additional fixes were needed:
+ fix up quoting in one string of the messages/es/ translation
to unbreak gettext
+ fix up all */LC_MESSAGES/mailman.po to match up with the security fix.
Upstream Changelog for 2.1.31, cited from
<https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/1845/NEWS#L8>:
Security
- A content injection vulnerability via the options login page has been
discovered and reported by Vishal Singh. This is fixed. (LP: #1873722)
i18n
- The Spanish translation has been updated by Omar Walid Llorente.
Bug Fixes and other patches
- Bounce recognition for a non-compliant Yahoo format is added.
- Archiving workaround for non-ascii in string.lowercase in some Python
packages is added.
MFH: 2020Q2
Security: 88760f4d-8ef7-11ea-a66d-4b2ef158be83
Limit the install message about pkg install -I to installs (not upgrades).
Convert the required_dirs of the rcfile into a coded prereq check,
so that we can print the proper error message, and point the user to
the right place.
Bump PORTREVISION.
- tighten up permissions on install dirs even more, patching
bin/check_perms to not complain - fewer directories or files belong
in mailman's hand or need group write permissions.
- revert 2.1.30's "make templates samples" because the upstream has
always instead provided a templates/site dir here and warned users that
default templates will be overwritten on updates or reinstallation
https://wiki.list.org/DOC/4.48%20How%20can%20I%20change%20the%20HTML%20or%20.txt%20templates%20used%20by%20my%20mailing%20lists%3F
changed templates will be written to different directories, the site,
domain-specific or list-specific directory
- adjust pkg-plist such that a no-script install, a regular install
with post-install script run, and check_perms agree on permissions,
however with tighter write permissions than the default install,
as a security-in-depth safety precaution. [1]
- revise files/pkg-install.in accordingly
- boil down files/pkg-message.in texts a little bit
- bump PORTREVISION
PR: 245853
Reported by: manu@ (IRC) [1]
* upstream changelog:
https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/head:/NEWS#L6
Note that upstream means 2.1.30 to be the final 2.x release,
because it relies on Python 2.x which is EOL upstream.
! MAJOR DATA LOSS FIX, rename all templates/* files to .sample,
! and list them as a @sample in pkg-plist, because they can be edited
! through the web server, and an upgrade should not stomp over edited files.
* rearrange makefile a bit (portlint, portfmt)
* update and upload new htdig patch
* expose NLS port option to pkg-install script to avoid failure
* patch upstream bin/check_perms script to not complain about tightened-
up messages/ and mailmanprefix (${PREFIX}/mailman) permissions that we
set to 0755 instead of 02775. Mailman should not need to write outside
designated directories or create new top-level directories in its install.
* fix a typo in the German (mailman.po) translation
* tweak pkg-install to:
- leave ${PREFIX}/mailman permissions alone and not set them to 02775
- fix up non-moved .sample files if pkg-install is run with -I
- create a copy of mm_cfg.py from mm_cfg.py.dist if missing (-I)
- create a newsyslog.conf.d/mailman.conf if missing, from
examples/mailman.newsyslog.sample if installed (-I)
- not attempt to fix messages/ (translations) permissions if the NLS
port option is disabled
* tweak pkg-plist so that the proper permissions and groups are set
by default already
* clean up pkg-message, thanks to bapt@ for pointing out that a missing
type: means "install or upgrade".
MFH: 2020Q2 (@samples is an important fix against data loss on update)
There are parts of the install message that are also relevant on
updates, but were missed. Add them, and bump PORTREVISION.
Failure-inducing commit:
------------------------------------------------------------------------
r508882 | mat | 2019-08-14 00:29:42 +0200 (Wed, 14 Aug 2019) | 2 lines
onvert to UCL & cleanup pkg-message (categories l-m)
------------------------------------------------------------------------
- Rename the files installed to /usr/local/etc/newsyslog.conf.d/ to end
with a '.conf' suffix.
- Add pkg-install script to automatically move any copies of the old
newsyslog file to the new location if the new file is unmodified from the default,
or print a warning if it the new file has been modified.
- Add a note to UPDATING and pkg-message to warn users of this, in case
they are using provisioning/configuration management tools which need
to be modified. Note the UPDATING entry was committed in r485721.
Recent changes to /etc/newsyslog.conf (r340318) will only include files
from the /usr/local/etc/newsyslog.conf.d/ directory which end with
'.conf' and do not beginning with a '.' character.
Reviewed by: mat
Approved by: mandree (maintainer)
Differential Revision: https://reviews.freebsd.org/D17088
- When no virtualhosts are defined, and the default localhost/localhost is
effective, the post-install script now adds DEFAULT_EMAIL_HOST,
DEFAULT_URL_HOST, and add_virtualhost() lines to mm_cfg.py.
Add corresponding support to remove unchanged configurations to the
deinstall script.
- While here, overhaul crontab configuration to only request a merge if the
crontab had been modified, and unify progress reports.
- Merge pkg-deinstall into pkg-install, to avoid duplication of code
that might be missed in later maintenance.
PR: 225961
Reported by: Terry Kennedy
When the upstream initscript grew a "reopen" mode with 2.1.17 in late 2013,
our patch stuffed the usage information into the wrong place, so that we
inadvertently disabled the new reopen mode, thus never supported it
through the init script in FreeBSD.
Bump PORTREVISION.
PR: 225800
Submitted by: Yasuhito FUTATSUKI
MFH: 2018Q1
- Fix checksum failures in Defaults.py[c]:
No longer patch Defaults.py in postinstall, instead configure
--with-mailhost=localhost --with-urlhost=localhost, as
Fedora and Arch Linux do.
- Add a related note to FreeBSD-post-install-notes.
- Add a related safeguard to the rcfile, which will refuse to run
if the DEFAULT_*_HOSTs are not configured. This can be changed
with a new mailman_run_localhost="YES" rc.conf setting, which will
then restrict itself to printing the warnings, but still start mailman.
- Update htdig patch to upstream SVN r1734.
- Bump USES, python:2 -> python:2.7
- Regenerated patches.
Changelog:
https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/1743/NEWS#L8
Release/SecuritY announcement:
https://www.mail-archive.com/mailman-users@python.org/msg70478.html
PR: 225767 (related vuxml entry)
Reported by: Vladimir Krstulja
MFH: 2018Q1
Security: CVE-2018-5950
Security: 3d0eeef8-0cf9-11e8-99b0-d017c2987f9a
This enforces the EXAMPLES option because we can't keep
the .sample file in etc/newsyslog.conf.d/* - it would be processed
as the actual file, so we use %%EXAMPLESDIR%% for the distributed version.
If the package is built in, for instance, poudriere, or on a computer other
than the one it is later installed on, the DEFAULT_MAIL_HOST and
DEFAULT_URL_HOST variables in the Mailman/Defaults.py file were unsuitable.
Leverage pkg-install to fix these up to be the same as hostname -f at
install time.
[The MFH would require the intermediate update to 2.1.24 to be included.]
MFH: 2017Q3
This patch is part of the HTDIG integration patch already. [1]
Also correct namazurc file path in pkg-message, bumping PORTREVISION.
PR: 207876 [1]
Submitted by: David Siebörger [1]
Pull upstream change 1629 to fix Launchpad Bug #1551075
<https://bugs.launchpad.net/mailman/+bug/1551075>. This fix improves
preservation of OpenPGP MIME multipart signatures, by not collapsing
a multipart with a single sub-part inside multipart/signed parts.
See the Launchpad bug report for details.
EXPERIMENTAL feature: Reenable HTDIG support by rolling the patch on our
own, and laying down instructions to do so in the Makefile. Mark Sapiro
no longer maintains the patch.
Bump PORTREVISION to 3.
Note that the upstream maintainer considers another release in a few
weeks' time, and called for help with updating translations. If you
want to help, see
<http://www.mail-archive.com/mailman-users%40python.org/msg68036.html>
Prior to this fix, pkg-install used hardcoded
${PKG_PREFIX}/sbin/postconf, but postfix-base installs it into
/usr/sbin/postconf.
Instead, do a path search for postconf in ${PKG_PREFIX}/sbin:$PATH and
cache the result in a variable.
It used to use GNU-install-isms (options after arguments) that don't
work with BSD install and caused two spurious directories to be created,
one named -g, the other usually named "mailman" (or whichever group name
was configured). Bumps PORTREVISION.
PR: 207528 (Attachment #167455)
Submitted by: ohauer@
Fixes one security bug [1], a few other bugs, and adds a feature so that
list admins can edit list addresses.
Uses newer Mailman-and-HTDig integration patches. [2]
Security: CVE-2015-2775 [1]
Security: a5f160fa-deee-11e4-99f8-080027ef73ec [1]
PR: 199286 [2]
Submitted by: David Siebörger [2]
(Reported by Alex Stangl.)
Take the opportunity to convert powerlogo from GIF to PNG.
Check permissions of mailman/qfiles directory and top-level
subdirectories from post-install before running check_perms script,
further to the existing workarounds for pkg/libarchive permissions
issues.
- Move directory permission handling into pkg-install, to work around
pkg/libarchive issues on 9.3.
- Handle some crucial directory permissions directly in pkg-install,
so that running check_perms becomes optional.
- Try a bit harder to preserve permissions on the archives/private dir.
- The rcfile now fixes directory permissions by default on start.
- You can now set mailman_fix_perms="NO" in the /etc/rc.conf* files,
to avoid running check_perms -f on start, or from pkg-install.
- Clean up pkg-plist.
- Bump PORTREVISION to 6.
Suggested by: bapt@, peter@
they installed the package without running scripts (pkg install -I).
Clean up inconsistent image (=icon) installation. Reported by Alex Stangl.
Makefile: Shuffle things around to please portlint.
Makefile: Clean up muting: only mute RM, comments, MKDIR.
Makefile: Move postfix checks into pkg-install.
pkg-deinstall: drop workaround for traditional pkg_delete.
pkg-deinstall: less verbose mail list reporting.
pkg-deinstall: cleanups for last_mailman_version handling.
pkg-install: defeat "Re-run..." line from check_perms to avoid confusing users.
pkg-plist: cleanups and modernization. Sets directory permissions.
NOTE: pkg 1.4.1 is unable to extract these on package installs,
"make install" however should be fine.
The FreeBSD pkg-message and post-install documentation now clearly warn
that the binary package is only meant for use with Sendmail, and
hints that poudriere can be used to build a Mailman package with
different options.
PR: 192230 [1]
Submitted by: feld [1], Tom Limoncelli [2]
https://launchpad.net/mailman/2.1/2.1.16/
Support stage directory. (Requires Python 2.7, 2.6 is no longer
sufficient.) This requires us to compile the Python scripts ourselves to
avoid spilling the stagedir name all over the .pyc files, as Mailman's
build would do (causing complaints from make stage-qa).
While there, compile bin/*.py programs, too.
The post-install section of the Makefile is more verbose now.
Run Mailman's bin/update after install.
Fixes to handling the mailman_last_version file to avoid leftover dirs
from an unused Mailman installation and deinstallation.
Scripts are more robust now, and use mktemp -d for temporary directories.
failing, please add detailed information how you set up your MTA, and
Mailman, what user/group IDs are, how list aliases are managed, and
thereabouts.
- Update to 2.1.15. [2] Changes: click View the full Changelog on
https://launchpad.net/mailman/2.1/2.1.15
- Fix without-NLS install: Install at least English template. [1]
- Drop EXIM3 option, we don't have an Exim 3 port any more.
- Drop INTEGRATION option, which would at best be confusing.
- Reformat COMMENT to fit into common limits.
- Fix typo in COURIER_DESC.
- When Postfix integration is chosen, add BUILD and RUN_DEPENDS on
Postfix because we need the postconf program.
- Use htdig patches for Mailman version 2.1.12 and remove BROKEN tag,
in an experimental attempt to revive htdig support.
- Fix a few minor glitches in FreeBSD-post-install-notes.
- Drop files/patch-Mailman__Cgi__confirm.py, integrated in upstream tarball.
- Add launchpad.net to MASTER_SITES.
- Update files/postfix-verp.diff.
- Install a dummy one-line text file into PYTHON_SITELIBDIR so that
Python's upgrade-site-packages would reinstall Mailman. [1]
- Add "status" support for rc.d script. [3]
- Change pre-fetch: to pre-everything::
- Revise formatting of pre-everything text to make clear it displays
default values, not current values. To avoid ports/170280.
PR: ports/135503 [1]
PR: ports/170280 [2]
PR: ports/170285 [2]
PR: ports/176180 [1]
PR: ports/181298 [3]
Submitted by: Lowell Gilbert [1]
Submitted by: Stefan Lasiewski [2]
Submitted by: Oliver Fromme [3]
* Add LICENSE section
* Add CONFLICTS with japanese/mailman
* Make use of SUB_FILES
* Make use of PORTDOCS
* Apply simple use of OPTIONS
* Add WITHOUT_NLS knob to make portlint happier
* Append "MTA = 'Postfix'" to mm_cfg.py.dist.in when defined
both WITH_POSTFIX and WITH_INTEGRATION at the same time [3]
* Bump PORTREVISION
- japanese/mailman [2]
* Switch to Japanized mailman 2.1.14+j7 based on mail/mailman
* Take maintainership
* Add CONFLICTS with mail/mailman
* Update pkg-descr
* Set PORTEPOCH because 2.1.14.j7 is less than 2.1.14_6
PR: ports/165404 (based on) [1], ports/165403 [2]
Submitted by: tota (myself) [1] [2]
Suggested by: Yoshito Takeuchi [3]
Approved by: Sunagawa Koji (maintainer) [2]
Dedicated to: Tokio Kikuchi
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().
In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.
- Stop touching files outside WRKDIR before install
- Use USERS and GROUPS -- this time via patch [1]
- Change BROKEN to IGNORE fo incorrect OPTIONS choices
- Use @stopdaemon
PR: ports/157868
Submitted by: Guido Falsi <mad@madpilot.net>
Approved by: rene (mentor)
