Commit graph

20 commits

Author SHA1 Message Date
bouyer
1fa2f8e36e Update to 6.2.54. Main changes since 6.2.16:
* Security and bug fixes
* more translations
* Some scenarios and list creation templates for "intranet" use cases were
  made optional: They have been moved into samples/
  https://github.com/sympa-community/sympa/issues/119
  See also "upgrading notes" (https://sympa-community.github.io/manual/upgrade/notes.html#from-version-prior-to-6250)
  for details.
* Hide full email addresses in archives
* Button for full export of subscribers
* Admin function to bulk unsubscribe
* Delete my account" button
* ARC support (Authenticated Received Chain).
2020-04-27 17:57:51 +00:00
bouyer
86c20bb8c8 Update sympa to 6.2.16. Notable changes since 6.2.7
This version finally fixes the old problem for primo-installation when the
sympa wizard would not start to generate the sympa.conf... because the
sympa.conf file was empty.

In addition, Soji fixed a timeout problem when Sympa closed a list, because
Sympa spent ages checking whether the list was included or not in another one.
He simply added a table registering the lists inclusions to speed up the
checking process. And because fixing the problem was not enough to him, he
also added a new page in the Sympa web interface to visualize lists inclusions.
In summary, what you have now is:
    "including_lists" page to get lists including particular lists. This page
       is accessible only by list owners and listmasters.
    Now looping by include_list settings can be detected. Inclusion is skipped
       if a setting will cause looping.
    the new 'include_sympa_list' parameter obsoletes 'include_list' in list
       config and named data sources. Older one may still be used as it is
       mapped to newer one internally.

The subindex page did not allow to actually accept/reject subscriptions. This
was because of a badly named parameter being passed to the templates.

WWSympa does no longer respect HTTP request header fields noticing the request
was forwarded ("X-Forwarded-Host:" etc.). In particular cases, you may require
adjusting configuration.

Now wwsympa_url parameter defines the URL publicly accessed by users.
Contrarily "http_host" and "cookie_domain" parameters indicate the URI and/or
domain which are locally recognized by wwsympa, i.e taken form "http_host"
("Host:" field) and "request_uri" CGI environments.
"Location:" response field sent by wwsympa to cause redirection also gives
local URL.

If requests sent from users to wwsympa are rewritten by intermediate
server(s), you should make sure that wwsympa server and rewriting server(s)
are appropriately configured.

a new parameter, use_tls, appears to replace obsoleted "use_ssl" and
"use_start_tls" parameters; note that these obsoleted parameters can stil be
used. But the new one is way more convenient: "use_tls" takes one of following
values corresponding to old ones:
        "starttls" : use_ssl=0, use_start_tls=1.
        "ldaps" : use_ssl=1, use_start_tls=0.
        "none" : TLS/SSL is disabled.
Now STARTTLS may be enabled in LDAP datasource configuration of lists
along with LDAPS.
The "Feedback" link will now be visible by listmasters only! We received
enough mails from end users mis-interpreting this link with their local
helpdesk. :-|
Now [% path_cgi %] template variable respects "wwsympa_url" configuration
parameter. Previously it was taken from CGI environment variable.

Soji also improved Sympa daemons to capture the SIGCHLD signal, so that
defunct children will be closed quicker.

As we tend to change the CSS regularly according to the different feedback you
send us, we added the Sympa version number in the CSS file URL, so that it will
be automatically reloaded, ignoring cache, when your users arrive on the web
interface after an upgrade.

Changing web_archive_spam_protection did not update spam protection mode on
  past archives. Fixed by applying spam protection at the time of display, not
  when archives were created / rebuilt.
base element in web output should be eliminated, because it will mess reverse
  proxy and so on. Fixed by making partial URIs to be redirected to base URI.
WWSympa: Cannot view attachments in bounce messages and moderated messages.
  Fixed by correcting inappropriate relative URL paths.
2017-03-20 10:24:02 +00:00
agc
ddbf6ddecd Add SHA512 digests for distfiles for mail category
Problems found locating distfiles:
	Package mutt: missing distfile patch-1.5.24.rr.compressed.gz
	Package p5-Email-Valid: missing distfile Email-Valid-1.198.tar.gz
	Package pine: missing distfile fancy.patch.gz
	Package postgrey: missing distfile targrey-0.31-postgrey-1.34.patch
	Package qmail: missing distfile badrcptto.patch
	Package qmail: missing distfile outgoingip.patch
	Package qmail: missing distfile qmail-1.03-realrcptto-2006.12.10.patch
	Package qmail: missing distfile qmail-smtpd-viruscan-1.3.patch
	Package thunderbird24: missing distfile enigmail-1.7.2.tar.gz
	Package thunderbird31: missing distfile enigmail-1.7.2.tar.gz

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
2015-11-03 23:27:00 +00:00
bouyer
3fc62928c5 Update to 6.2.7. Lots of change since 6.1.24, see
http://www.sympa.org/distribution/latest-stable/NEWS
for complete list.
Main changes are:
Tracking feature
The tracking feature is a way to request DSN or DSN + MDN when sending
a message to each subscribers. In that case, Sympa (bounced.pl) collect both
DSN and MDN and store them in a new table "notification_table".
Then, for each message, the list owner can display which subscribers has
displayed, received or not received the message. This can be used for some
important lists where list owner need to collect the proof of reception or
display of each message. This page is accessible via archive

Spools back to filesystem
Because of stability and scalability issues, spool for bulk sending no
longer depend on database tables: It is based on filesystem.

Stats
Now Sympa stores data whenever one of the following event occurs:
	a message is sent to a list;
	a user subscribed to a list;
	a user unsubscribed from a list;
	a user is added to a list by another user;
	a user is removed from a list by another user;
	a user is removed from a list by the automatic bounce management;
	a file is uploaded to the shared directory;
	a file is deleted from the shared;
	a message to a list is rejected in moderation;
	a user logs in to the web interface;
	a user logs out;
	a list is created;
	a list is deleted;
	a list is restored;
	a human user (not a harvester) hits a page.

These data are regularly aggregated by the task_manager.
The aggregated data are available to users, owners and listmaster in
their respective interfaces.

Web interface
The most visible is probably the new web interface skin.
It is nicer, simpler, responsive and retains all the customization
capabilities that make Sympa adaptable to your needs.
Exclusion table was just a display of the users excluded. This page is now
a form, similar to the review page, which allows to restore users subscriptions.

Added "Add subscriber" button to modindex page if the sender is not subscribed.
It may be useful because users need not know about SUB command and sympa
command address. The buttons appear only when Web user is the list owner.

The "Customizing" link was moved from main list admin to list config sub
section as list related text files are in a way list configuration parameters
as well.
Better password validation. When the user requests change of password via
WWSympa or SympaSOAP, new password may be checked its strength.
New parameter password_validation may be used to customize policy of password
validation. See help text of the parameter for more details.

Web services

Full VOOT 2.0 protocol support. VOOT is an opensocial subset to manage group
membership. full details on this IETF draft here: http://openvoot.org.
This feature enables Sympa to be both group provider and consumer in the VOOT
protocol.
The soap server now exposes full review with owners, editors and gecos to list masters and list owners.

Plug, plug, plug...

We added or improved several ways to plug new functionnalities in Sympa.
Template plugins

This feature allows to package code to be used in templates. It enables
foreign data integration in Sympa's UI and emails, user specific
UI enhancement and much more! Integrating user targeted data retreived through
a call to a webservice becomes possible in a simple way, automatically adding
info from a database to outgoing emails as well !
Further details here : https://www.sympa.org/manual/templates_plugins

Enhanced custom actions functionality

Custom actions are used to run specific code and/or display user defined
templates. They can be executed in list or global context (it is up to you
to decide what to do in both cases). Previously, a custom action was a
simple TT2 template added to the web interface. It could only display data,
not process them. They were improved to allow greater expressiveness.
You can now develop a perl module to process the data passed to your
custom action.

Warning: AFTER UPGRADING TO 6.2, ANY PRE-EXISTING CUSTOM ACTION MUST BE
MOVED TO THE RELEVANT CUSTOM_ACTION DIRECTORY TO KEEP WORKING.

Mail hooks

Sympa::Message::Plugin provides hook mechanism to intervene in processing by
Sympa. Each hook may modify messages or may break ordinary processing.
This functionnality is quite new and still experimental. Please read the
perldoc of Sympa::Message::Plugin for more details about how to create and enable hooks in message handling.

Custom attributes provisionning

Custom attributes can now be provisionned using external data sources,
the same way as email addresses. For now, only SQL or LDAP datasources are
supported. To use this feature, you need first to define the custom attributes
as previously. This attribute must have the same name as the fields used in
your queries.

Synchronization disabling

In several organizations, nightly maintenances make the datasources
unavailable during some period of times. a new sub-parameter in data sources
definition allow to prevent Sympa from trying to synchronize list members
with these sources during a defined time range.

A recurrent question regarding list inclusion was to be able to extract not the whole list, but only a subset. It is now possible.

include_list parameter value can now look like this:

<listname> filter <filter_condition>

ODBC is now supported for email data sources.
sql, ldap and ldap2 user inclusions now handles gecos. It uses 2nd returned
column for sql and 2nd given attribute for ldap (comma separated).
Now "host" parameter of the LDAP datasource in list config may include URLs
(ldap, ldaps and ldapi) along with hostnames. So "port" and "use_ssl"
parameters

Scenarios

Now CustomCondition can set the action to take (do_it, reject ...) by
setting $_, this allows for complex, single-module CustomConditions.
"[msg_header#field][index]" returns the value of particular field.
Index may be negative. - "[msg_header#field]" still returns list of field
values, additionally, ordering will be preserved. Fixes:
Conditions is_listmaster, is_owner, is_editor and is_subscriber can
handle multiple values.
They also parse arguments as header field values to get address parts.

New parameters

New list parameter: 'member_include'. This parameters allows to defined
.incl files to include list members, the same way it is done for list admins.
This grants extended flexibility in datasources, allowing list owners to tweak
their own data sources without accessing to the actual details of the query
made to gather email addresses.
New sympa.conf config parameter "sender_headers" to specify header fields by
which message sender is detected. This is a enhancement to
S. Shipway's improvement.
RFC: What is the reasonable default for this parameter?
Behavior of one time ticket lock-out is configurable.
Two new robot parameters were introduced:
one_time_ticket_lockout:
"one_time" won't allow access again. This is previous behavior.
"remote_addr" will lock the ticket on remote address accessed at first time.
"open" will never lock-out tickets.
one_time_ticket_lifetime: Duration before ticket expires. Default is "2d", previous hardcoded value.
Changes of list config parameters on archiving. New parameter
"process_archive" controls archiving. The default is "off":
To enable archiving, it must be set to "on" explicitly. OTOH even if
archiving is disabled by setting it "off", past archives will be kept
and accessible according to access settings.

Config files

wwsympa.conf will no longer be used: it would be migrated to sympa.conf.

Alias management uniformization

Now alias maintenance utilities other than newaliases may be used without
special configure options nor patch to alias_manager.pl. Changes:

aliaswrapper and virtualwrapper were deprecated and replaced with sympa_newaliases-wrapper.
New alias management program sympa_newaliases.pl which will typically be
called by alias_manager.pl via sympa_newaliases-wrapper.
New site configuration parameters aliases_db_type and aliases_program will
control behaviour of alias database maintenance.

openssl dependency dropped

openssl(1) utility is no longer required. Instead, a few CPAN modules are required to use S/MIME or SSL features:

Crypt::SMIME
Crypt::OpenSSL::X509

The parameter "openssl" in sympa.conf was obsoleted. Note that p12topem.pl still needs openssl: To make it work, PATH environment variable should be set appropriately.
Internationalization

i18n titles in configuration.

List families scenari

Now you can define a "scenari" directory in the lists family directory.
These scenarii will be available for lists instantiated from this family.
List families addistional files

Until now, only the config.tt2 file was parsed when the family was
instantiated, thus producing the lists' config file. As a lot of other files
can be used to configure a list (footer, header, etc.), we added the
possibility to instantiate these files as well. The list of files parsed
(in addition to config.tt2) when instantiating a family are defined in
a new (sympa.conf and robot.conf) parameter called 'parsed_family_files'.
This parameter must contain a comma-separated list of file names.
If these files exist, with the '.tt2' extension added to their name,
in a family, they will be parsed and added to the list directory.

The default value of the parameter is: 'message.footer,message.header,message.footer.mime,message.header.mime,info'.

These files are updated in existing lists when a family is instantiated.
note that it will overwrite any other customization.
On the web automatic lists

Administration
Widely extended logs when the log_module parameter is activated with the
value 'scenario': all scenario results are evaluated. Remember that extended
logs can be limited by the IP or the email of the user, using the
'log_condition' parameter. log_module and log_condition are now declared in
sympa.conf instead of wwsympa.conf. Remember these parameters syntax:

log_module: can take the value "scenario" - only.
log condition: takes a character string as value. The form is
"ip=<an.ip>,email=<an_email>". You can put ip alone, email alone or both,
with the comma-separated form.

Listmaster notifications can now be grouped. If, for a specific robot,
several notifications are issued within a short period of time with the
same operation code only the first ones are sent, the next ones are stacked.
The stacking ends when no notifications are issued anymore, or when the first
one is too old. All the stacked notifications are then sent as attachments of
a single message. Internal settings : Stack if more than 3 notifications with
the same operation code are issued for the same robot - Send stacked
notifications if no new one satisfying the condition above was received for
more than 30 seconds - Send stacked notifications if the oldest one was issued
more than 60 seconds ago

sympa.pl -health_check checks config files, database connection and structure,
and data structure version.
Daemons such as sympa.pl no longer check database structure nor data version.

File extension of lock files are changed from ".lock" to ".LOCK", because lowercase name can conflict with domain part in the future.
2015-09-26 14:56:10 +00:00
bouyer
b3de4a00d6 Update to 6.1.24. Changes since 6.1.22:
- wwsympa/wwsympa.fcgi.in:  Preventing faulty newsletter sending (security fix)
- src/sympa.pl.in: [Submitted by B. Marchal, univ. Lorraine] the
  loop_prevention_regex parameter was never taken into account.
- New scenarios to check DKIM signature
- When the user requests change of password via WWSympa or SympaSOAP, new
  password may be checked its strength.
- src/lib/Scenario.pm:  Now CustomCondition can set the action to
  take (do_it, reject ...) by setting $_, this allows for complex,
  single-module CustomConditions.
and various bug fixes
2015-01-22 12:04:36 +00:00
bouyer
0509bda2cb Update to 6.1.22. Main changes since 6.1.11:
[10541] src/lib/List.pm:  [Submitted by S. Shipway, Univ. of Auckland]
	Workaround for aggressive DMARC policy such as yahoo.com.  The patch
	adds option #3 of this DMARC FAQ: http://dmarc.org/faq.html#s_3
	- New list config paragraph "dmarc_protection" to munge "From:" header
	and put original header content erc. into comment.

	[10540] src/lib/Bulk.pm:  New parameters for merged messages.
	"part.description", "part.disposition", "part.encoding" and "part.type"
	may be used for each part of input messages.  These are all-lowercase
	(except "part.description").

*****	[10207] src/etc/script/create_db.Oracle, src/etc/script/create_db.Pg,
*****	src/etc/script/create_db.SQLite, src/etc/script/create_db.Sybase,
*****	src/etc/script/create_db.mysql:  Two new database fields appeared in
*****	this version and a field was modified.
*****	- The new fields are prev_id_session (varchar(30)) and
*****	refresh_date_session (int(11)). they are located in the session_table
*****	table.
*****	- The modified field is dkim_privatekey_bulkspool and is located in the
*****	bulkspool_table table. Its length went from varchar(1000) to
*****	varchar(2000).
*****	Sympa install using MySQL and SQLite backends will have no trouble at
*****	all, as the database structure is updated by Sympa.
*****	However, if you use Postgres, Oracle or Sybase, please have a look
*****	(respectively) at the create_db.Pg, create_db.Oracle or
*****	create_db.Sybase to check the definition of those fields. Please update
*****	your database structure before running Sympa.

	[10206] src/lib/Sympa/DatabaseDescription.pm:  Changing length of DKIM
	private key in database to ensure database creation scripts will be
	updated.

	[10074] mail_tt2/command_report.tt2, mail_tt2/info_report.tt2,
	mail_tt2/review.tt2, src/lib/Commands.pm, src/lib/List.pm,
	src/lib/tt2.pm, web_tt2/edit_list_request.tt2,
	web_tt2/review_family.tt2, web_tt2/search_user.tt2,
	web_tt2/suboptions.tt2, web_tt2/subscriber_table.tt2,
	web_tt2/suspend_request.tt2, wwsympa/wwslib.pm,
	wwsympa/wwsympa.fcgi.in:  i18n of options for list parameters and
	subscriber options.
	- Options on edit_list page are shown by i18n'ed titles.
	- Only listmasters can view real config values.
	- Subscriber options on review pages, command results, subscriber
	option pages and so on are shown by i17n'ed titles (along with real
	option values).

*****	[10051] src/lib/tt2.pm, web_tt2/Makefile.am, web_tt2/css.tt2,
*****	web_tt2/ja_JP, web_tt2/ja_JP/css.tt2, web_tt2/ko_KR,
*****	web_tt2/ko_KR/css.tt2, web_tt2/main.tt2, web_tt2/zh_CN,
*****	web_tt2/zh_CN/css.tt2, web_tt2/zh_TW, web_tt2/zh_TW/css.tt2,
*****	wwsympa/wwsympa.fcgi.in:  Per-language css.tt2 will override any
*****	portion of main css, not fully replacing it.  So they may be used for
*****	locale-specific customization.
*****	Background: Default css.tt2 specifies the font families covering
*****	Western scripts (Latin, Cyrillic, ...).  East Asian users may prefer
*****	consistent font family supporting Western along with Eastern scripts
*****	(Han, Hangul, ...).

	[9966] src/lib/Message.pm, src/lib/confdef.pm:	New site config
	parameter "sender_headers" to specify header fields by which message
	sender is detected.
	This is a enhancement to S. Shipway's improvement.

	[9963] web_tt2/review.tt2, web_tt2/show_exclude.tt2,
	wwsympa/wwsympa.fcgi.in: [Reported by so many listmasters we lost the
	count] Exclusion table was just a display of the users excluded. list
	owners could not do anything to restore subscriptions;
	This page is now a form, similar to the review page, which allows to
	restore users subscriptions.

	[9951] src/lib/List.pm:  Now you can define a "scenari" directory in
	the lists family directory. These scenarii will be available for lists
	instantiated from this family.
	The "scenari" directory must be put directly in the family directory,
	not in the overall "families" directory. For example, if you want to
	define scenarii specific to the "staff" family, you must define a
	scenari directory in the /home/sympa/etc/families/staff/ directory. Not
	in /home/sympa/etc/families/.

*****	[9989] configure.ac, src/Makefile.am, src/alias_manager.pl.in,
*****	src/etc/script/ldap_alias_manager.pl.in,
*****	src/etc/script/mysql_alias_manager.pl.in, src/lib/confdef.pm,
*****	src/sympa_newaliases-wrapper.c, src/sympa_newaliases.pl.in:  Now alias
*****	maintenance utilities other than newaliases may be used without special
*****	configure options nor patch to alias_manager.pl.
*****	Changes:
*****	- aliaswrapper and virtualwrapper were deprecated and replaced with
*****	sympa_newaliases-wrapper.
*****	- New alias management program sympa_newaliases.pl which will typically be
*****	called by alias_manager.pl via sympa_newaliases-wrapper.
*****	- New site configuration parameters aliases_db_type and aliases_program
*****	will control behaviour of alias database maintenance.
*****	- configure script:
*****	- Options --with-sendmail_aliases and --with-virtual_aliases were
*****	deprecated.  Use --with-aliases_file instead.
*****	- New options --with-makemap and --with-postalias, along with
*****	options --with-newaliases and --with-postmap are available.
*****	- Option --with-postmap_arg was removed.
*****	- Alias managers can handle postmap/makemap style maps (delimited by
*****	whitespace), not only newaliases style maps (delimited by colon).

	[9953] wwsympa/wwsympa.fcgi.in: [Submitted by S. Shipway, univ.
	Auckland] several changes in privilegs to ease everyday lists
	moderation:
	- Owners and lismasters can moderate messages and shared repository
	- Editors can moderate subscriptions
	- 'del' and 'add' sceanrios are evaluated to make their result
	available in each page.

	[8451] src/etc/Makefile.am, src/etc/create_list_templates/confidential,
	src/etc/create_list_templates/confidential/comment.tt2,
	src/etc/create_list_templates/confidential/config.tt2,
	src/etc/scenari/send.confidential:  New "confidential" list model.
	These lists are used for groups who don't want any publicity around
	their activities; All possible restrictions are applied to prevent
	unauthorized users to know these lists exist and to learn anything
	about them.

	[8454] web_tt2/footer.tt2, web_tt2/tt2_error.tt2:  Removing references
	to the Sympa version in web pages to avoid pages to be searched by bad
	guys willing to exploit known vulnerabilities on out of date servers.

For complete list of changes, see
http://www.sympa.org/distribution/latest-stable/NEWS
2014-08-30 20:26:45 +00:00
wiz
5372cbaf04 Fix build with perl-5.18. 2013-06-12 14:37:15 +00:00
bouyer
bb348d66f4 Update sympa to latest stable release 6.1.11. Lots of changes since the 5.4
series, users are encouraged to read /usr/pkg/share/doc/sympa/NEWS for
details. Summary of new features:

***   New bulk.pl daemon installed with Sympa. This daemon is dedicated to
      mail distribution and allows to parallelize this process on a single
      server as well as on multiple servers.
***   [Olivier Lumineau, CRU] Fresh new web CSS for the web interface.
***   Replace storage of password with encryption by md5 fingerprint. This
      make remind password impossible. So now a one time ticket table is created
      ticket are  sent by email as an authentication token. Ticket can be used
      for lost password, create account, moderation request . It should be
      generalized to all operation that need a email chalenge.
***  New propertie in object message : spam_status .  This feature is used in
     modindex (listing of message waiting for moderation) to show message
     tagued as spam.
     4 new parameters :
	 - antispam_feature default off
	 - antispam_tag_header_name default X-Spam-Status
	 - antispam_tag_header_spam_regexp default ^\s*Yes
	 - antispam_tag_header_ham_regexp default ^\s*No
***  DKIM : Sympa now supports DKIM for message diffusion and control.
***  web_tt2/Makefile.am, web_tt2/ca.tt2, web_tt2/lca.tt2,
     wwsympa/wwsympa.fcgi.in:  It is now possible to create Custom actions
     at the list or robot level. These custom actions allow you to create
     new pages in the Sympa web interface. for now, you can only display
     informations using this method. any post treatment (such as form
     submission) must be handled outside of Sympa. See
     https://www.sympa.org/manual_6.1/customizing#custom_actions for more
     details.
***  [Submitted by J. jourdan] "suspension of membership." The user can suspend
     his subscription to the lists
     that he subscribes. For a finite length or not. Added a calendar in
     javascript to select a date.

Also, lots of translastion updates, and bug fixes (including security ones)
2012-05-16 16:16:46 +00:00
bouyer
2cac68122b Add destdir support 2011-06-19 13:50:57 +00:00
bouyer
c6ff149b09 Update sympa to 5.4.4. Bug fixes (including SQL injestion and privilege
escalation vulnerabilities) and updated translations:
    * Sympa was not fully compliant to the RFC 2616, leading for example
      to possible unwanted list deletion by administrators using prefetching
      tools. This was fixed by replacing all the threatening GET requests
      by POST requests;
    * Use of sprint() function for creating SQL queries lead to possible
      SQL injection through cookie manipulation;
    * The use of files in /tmp lead to vulnerabilities.
2008-12-20 19:02:12 +00:00
bouyer
4fe117e7bb Update to 5.4.3. Changes since 5.4.2:
Features:

  po/ja.po, po/web_help_ja.po: update Japanese translation of the user
    interface, add Japanese translation of online help
  po/ru.po: Updated Russian translation.
  src/Commands.pm: [#3990][Submitted by A. Berstein, electricembers.net] The
    quiet option has been reactivated for the "reject" mail command.

Bug fixes:
  wwsympa/archived.pl: [Reported by M. Kretchner, INRIA] It was impossible
    to remove a message from web archives or rebuild these archives.
  check_perl_modules.pl: [Reported by M. Gorecka-Wolniewicz,
    Nicolaus Copernicus univ., Torun] In some cases, CAS logout didn't work.
  src/task_manager.pl, wwsympa/archived.pl, wwsympa/bounced.pl: [#3957]
    [Reported by O. Berger, Telecom & Management SudParis] When launching
    Sympa daemons (other than sympa.pl) with an unknown option, the daemon
    was still launched instead of failing to launch.
2008-11-09 16:15:47 +00:00
bouyer
45f056b829 Upgrade to sympa version 5.4.2. Changes since version 5.2.4:
Fix CVE-2008-1648 (denial of service)
Several new translations (some of them disabled, because of missing locale
  support on NetBSD-3).
Introduction of HTTP session in order to replace a lot of cookies, for better
  usability and security. This also allows some new features, from
  listing active session in admin page to crawler detection.
per list custom user attributes (defined by the list owner)
per list custom list parameters for use in authorization scenarios and
  mail templates
LDAP alias manager can now be LDAPS
XSS protection
Session hijacking protection
The performances  mainly regarding the web interface  have been
  significantly improved.

new SOAP features allow remote list creation, ADD and DEL of list members
Automatic list creation when a message is sent for the list.
each operations that changes the status of messages/subscriptions/list config
  is now logged in a structured DB entry.
Generalization of UTF-8

and more ...  See http://www.sympa.org/ for complete list.
2008-04-27 17:06:40 +00:00
bouyer
1a9f598abf cp -R behaves differently on netbsd-4 and previous releases, leading to
an extra html/ directory being created in docs. Changes html/ to html/.
to avoid this extra directory on netbsd-4. Should definitively fix
pkg/36007.
Bump PKGREVISION.
2007-04-20 18:52:34 +00:00
bouyer
a45ad0c940 Update sympa to 5.2.4. Should fix pkg/36007 as a side effect.
Main changes since 4.1.2:
Full virtual robot support ; you can now create 2 lists with the same name in
   different virtual robots
Message topics : list messages can be tagged with topics. List owner defines
   a set of topics for the list.  List members can select topics and only
   receive related messages.
Sympa is now VERP enabled
new return_path_suffix parameter in sympa.conf
new 'digest_max_size' list parameter. If a digest exceeds this limit, then
   multiple messages are sent.
New set of web templates, CSS and XHTML compatible.
RSS channels are providing the following features :
   * latest messages in list archives
   * latest documents in web repository
   * latest created mailing lists
   * most active mailing lists

Also, lots of other small features, translations and bug fixes.
2007-03-28 20:51:09 +00:00
agc
8758983939 Add RMD160 digests. 2005-02-24 09:59:20 +00:00
seb
961aa94ac5 Apply security fixes for CAN-2005-0073. Patches obtained from
Sympa's CVS repository via Sympa's homepage.

Bump PKGREVISION to 2.
2005-02-15 22:45:54 +00:00
seb
2187f63369 'if [ false ]; then ...' Yeah right... Fix my own stupidity.
No need to bump PKGREVISION or something, this was harmless:
some directories were made twice while installing from pkgsrc (by do-install
target and by INSTALL script) and binary packages were safe because the
INSTALL script creates them.
2004-10-10 15:09:23 +00:00
seb
747c08ed6f Update to version 4.1.2
Too many changes and bugfixes to list here, see installed file
${PREFIX}/share/doc/sympa/NEWS.

Highlights of package changes: use regular PREFIX, pervasive use of
bsd.pkg.install.mk framework, add dependencies on mhonarc package and
openssl, use bsd.options.mk framework to select MySQL or PostgreSQL support,
introduce SYMPA_VARBASE to select "/var" directory
(defaults to ${VARBASE}/sympa).

Take stewardship with previous maintainer blessing.

XXX Better startup script(s) than the ones I use should be provided, so
I'm not including them in this package.
2004-09-26 20:13:34 +00:00
wiz
1ad063193c Fix installation, so this package does not _create_ /etc/rc.d/init.d
during install unconditionally. Fixes a bulk build problem.
Confirmed by kristerw.
2004-09-20 22:49:39 +00:00
manu
087c2ce3a7 Sympa is a mailing list manager with a web interface for users and admins 2003-01-22 15:56:30 +00:00