[pkgsrc/pkgsrc-2021Q3]: pkgsrc/mail/mailman Pullup ticket #6534 - requested b...

[tm <tm%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/d2cae31e287c
branches:  pkgsrc-2021Q3
changeset: 769826:d2cae31e287c
user:      tm <tm%pkgsrc.org@localhost>
date:      Sat Nov 20 21:50:39 2021 +0000

description:
Pullup ticket #6534 - requested by bsiegert
mail/mailman: security fix

Revisions pulled up:
- mail/mailman/Makefile                                         1.95
- mail/mailman/PLIST                                            1.31
- mail/mailman/distinfo                                         1.31

---
   Module Name:    pkgsrc
   Committed By:   tm
   Date:           Tue Oct 26 18:42:55 UTC 2021

   Modified Files:
           pkgsrc/mail/mailman: Makefile PLIST distinfo

   Log Message:
   mail/mailman: Update to 2.1.35

   2.1.35 (19-Oct-2021)
     Security
       - A potential for for a list member to carry out an off-line brute force
         attack to obtain the list admin password has been reported by Andre
         Protas, Richard Cloke and Andy Nuttall of Apple.  This is fixed.
         CVE-2021-42096  (LP:#1947639)
       - A CSRF attack via the user options page could allow takeover of a users
         account.  This is fixed.  CVE-2021-42097  (LP:#1947640)
     Bug Fixes and other patches
       - Fixed an issue where sometimes the wrapper message for DMARC mitigation
         Wrap Message has no Subject:.  (LP: #1915655)
       - Plain text message bodies with Content-Disposition: and no declared
         charset are no longer scrubbed.  (LP: #1917968)
       - CommandRunner now recodes message bodies in the charset of the user's
         or list's language to avoid a possible UnicodeError when including the
         message body in the reply.  (LP: #1921682)
       - Delivery disabled by bounce notices to admins now have 'disabled'
         properly translated.  (LP: #1922843)
       - DMARC policy discovery ignores domains with multiple DMARC records per
         RFC 7849,  (LP: 1931029)

diffstat:

 mail/mailman/Makefile |   7 +++----
 mail/mailman/PLIST    |   3 ++-
 mail/mailman/distinfo |  10 +++++-----
 3 files changed, 10 insertions(+), 10 deletions(-)

diffs (51 lines):

diff -r 3361c459710a -r d2cae31e287c mail/mailman/Makefile
--- a/mail/mailman/Makefile     Fri Nov 05 19:33:22 2021 +0000
+++ b/mail/mailman/Makefile     Sat Nov 20 21:50:39 2021 +0000
@@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.94 2020/12/04 20:45:27 nia Exp $
+# $NetBSD: Makefile,v 1.94.8.1 2021/11/20 21:50:39 tm Exp $
 
-DISTNAME=      mailman-2.1.34
-PKGREVISION=   1
+DISTNAME=      mailman-2.1.35
 CATEGORIES=    mail www
-MASTER_SITES=  https://launchpad.net/mailman/2.1/2.1.34/+download/
+MASTER_SITES=  https://launchpad.net/mailman/2.1/2.1.35/+download/
 EXTRACT_SUFX=  .tgz
 
 MAINTAINER=    pkgsrc-users%NetBSD.org@localhost
diff -r 3361c459710a -r d2cae31e287c mail/mailman/PLIST
--- a/mail/mailman/PLIST        Fri Nov 05 19:33:22 2021 +0000
+++ b/mail/mailman/PLIST        Sat Nov 20 21:50:39 2021 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.30 2020/08/26 18:40:35 wiz Exp $
+@comment $NetBSD: PLIST,v 1.30.10.1 2021/11/20 21:50:39 tm Exp $
 lib/mailman/Mailman/Archiver/Archiver.py
 lib/mailman/Mailman/Archiver/Archiver.pyc
 lib/mailman/Mailman/Archiver/HyperArch.py
@@ -2232,6 +2232,7 @@
 lib/mailman/tests/bounces/simple_39.txt
 lib/mailman/tests/bounces/simple_40.txt
 lib/mailman/tests/bounces/simple_41.txt
+lib/mailman/tests/bounces/simple_44.txt
 lib/mailman/tests/bounces/sina_01.txt
 lib/mailman/tests/bounces/smtp32_01.txt
 lib/mailman/tests/bounces/smtp32_02.txt
diff -r 3361c459710a -r d2cae31e287c mail/mailman/distinfo
--- a/mail/mailman/distinfo     Fri Nov 05 19:33:22 2021 +0000
+++ b/mail/mailman/distinfo     Sat Nov 20 21:50:39 2021 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.28 2020/08/26 18:40:35 wiz Exp $
+$NetBSD: distinfo,v 1.28.10.1 2021/11/20 21:50:39 tm Exp $
 
-SHA1 (mailman-2.1.34.tgz) = b2482720b6fc8740c2fe9ca4c6c703e550fa87d1
-RMD160 (mailman-2.1.34.tgz) = 348b42ad1aab5c42d2aff1ee8279cabfa0d1eb66
-SHA512 (mailman-2.1.34.tgz) = 34b8a2c1c335327ac899e6be71de020f80ec053823c9812c48609e97834f5a4b48939bbd640f8dff541c4189088199cae93818f77056e96c2318f565743a97bf
-Size (mailman-2.1.34.tgz) = 9414225 bytes
+SHA1 (mailman-2.1.35.tgz) = 96dc071ecb7cbf5ced15c75681b18d834d6fe62d
+RMD160 (mailman-2.1.35.tgz) = 0b53cd0b5e907dc1355eb0df0292e61a04d93b57
+SHA512 (mailman-2.1.35.tgz) = 2411a1a8196ec9c298231bfb649c2575b899ce167730b0069c76712a95c488520ca55b56a383b18a3e245774ad76ca1df7dbf3a937c2e2837021128709746ae4
+Size (mailman-2.1.35.tgz) = 9508348 bytes
 SHA1 (patch-aa) = 9684b1caeb52f31ee6967eae3f9a464de214879e
 SHA1 (patch-ab) = 39f6294e53110bd1fd09b1e90ab46820f4d48e3f
 SHA1 (patch-ad) = 665884b9dd1789e4abd430c762bdbfd707d48d30