As a result of the security advisory -- a cross-site scripting 
vulnerability -- I have to update some mailman sites to 2.1.4 from 
2.0.12.  Does anyone have any success stories?  The UPGRADING file 
makes it sound non-trivial.  (I've seen Andrew Mellinger's question and 
Hisashi T Fujinaka's reply -- any other issues?)

		--Steve Bellovin, http://www.research.att.com/~smb