Skip to content

Commit 6cbb619

Browse files
github-actions[bot]ikedas
github-actions[bot]
and
ikedas
authored
Update Release Notes for 6.2.74 (#1722)
* Update NEWS.md --------- Co-authored-by: IKEDA Soji <mail@ikedas.net>
1 parent 579e242 commit 6cbb619

File tree

1 file changed

+123
-0
lines changed

1 file changed

+123
-0
lines changed

NEWS.md

+123
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,128 @@
11
# Change Log
22

3+
## [6.2.74](https://github.com/sympa-community/sympa/tree/6.2.74) (2024-12-16)
4+
5+
[Full Changelog](https://github.com/sympa-community/sympa/compare/6.2.72...6.2.74)
6+
7+
**Notice:**
8+
9+
This release includes a fix for [CVE-2024-55919] Improper input validation on generic SSO login [\#1917](https://github.com/sympa-community/sympa/issues/1917).
10+
11+
Administorators setting `generic_sso` paragraph with `force_email_verify` parameter enabled in `auth.conf` should upgrade Sympa to this version or take measure. For more details see the Security Advisory [Sympa SA 2024-001](https://www.sympa.community/security/2024-001.html).
12+
13+
**Incompatible changes:**
14+
15+
- Notes for packagers:
16+
- Some distributions including Debian and the descendants separate `perldoc`
17+
from the package for Perl. On this case activating `perldoc` is
18+
encouraged for better user experiences
19+
[\#1832](https://github.com/sympa-community/sympa/pull/1832).
20+
- Fix for bug [\#1884](https://github.com/sympa-community/sympa/issues/1884)
21+
needs additional optional module
22+
[Unicode-UTF8](https://metacpan.org/dist/Unicode-UTF8).
23+
This module will be made mandatory on the release of Sympa in the near future.
24+
25+
- DKIM signatures in outgoing messages are no longer removed even if they
26+
are invalid
27+
[\#1852](https://github.com/sympa-community/sympa/issues/1852).
28+
On the other hand, `remove_dkim_headers` parameter was introduced for
29+
their removal, which is rarely needed
30+
[\#1898](https://github.com/sympa-community/sympa/pull/1898).
31+
32+
- If custom_subject contains a sequence number, it is always placed at the
33+
beginning of the subject. If it does not contain, it is placed at the same
34+
position as before
35+
[\#1811](https://github.com/sympa-community/sympa/issues/1811).
36+
37+
**Implemented enhancements:**
38+
39+
- The messages forwarded for admins (listmasters, owners and moderators) also
40+
should have DKIM signature [\#1869](https://github.com/sympa-community/sympa/pull/1869)
41+
- Do not remove (possibly invalid) DKIM-Signature headers from outgoing messages [\#1852](https://github.com/sympa-community/sympa/issues/1852)
42+
- LDAP: Add `deref` option to specify how to dereference aliases [\#1853](https://github.com/sympa-community/sympa/issues/1853)
43+
- Parameter for syslog socket should allow options such as host name [\#1839](https://github.com/sympa-community/sympa/issues/1839)
44+
- WWSympa: Expose update_epoch on get_closed_lists [\#1865](https://github.com/sympa-community/sympa/pull/1865)
45+
- Fix cross-robot list inclusion [\#1797](https://github.com/sympa-community/sympa/issues/1797)
46+
- WWSympa: Invitations via the Sympa website [\#648](https://github.com/sympa-community/sympa/issues/648)
47+
- Allow "custom_subject" to be at the beginning of the subject [\#1811](https://github.com/sympa-community/sympa/issues/1811)
48+
- Improve diagnostic messages in the DSNs generated by Sympa [\#1688](https://github.com/sympa-community/sympa/issues/1688)
49+
- WWSympa: Detect web crawlers [\#1667](https://github.com/sympa-community/sympa/pull/1667)
50+
- WWSympa: Save default sort key in review [\#1577](https://github.com/sympa-community/sympa/issues/1577)
51+
- Add `.eml` extension to archives files [\#1581](https://github.com/sympa-community/sympa/issues/1581)
52+
- Additional localised "Re:" prefixes in subject [\#1668](https://github.com/sympa-community/sympa/pull/1668)
53+
- Support for LDAP paged queries [\#57](https://github.com/sympa-community/sympa/issues/57)
54+
- Overall statistics panel [\#1661](https://github.com/sympa-community/sympa/issues/1661)
55+
56+
**Fixed bugs:**
57+
58+
- [CVE-2024-55919] Improper input validation on generic SSO login [\#1917](https://github.com/sympa-community/sympa/issues/1917)
59+
- DKIM signing and ARC sealing order is reversed [\#1851](https://github.com/sympa-community/sympa/issues/1851)
60+
- WWSynmpa: do_distribute: Confirmation was not always performed [\#1889](https://github.com/sympa-community/sympa/pull/1889)
61+
- WWSympa: Invalid UTF-8 sequences in input may trigger crashing [\#1884](https://github.com/sympa-community/sympa/issues/1884)
62+
- Incorrect "No bouncing members" on a large list with small number of bouncers [\#1842](https://github.com/sympa-community/sympa/issues/1842)
63+
- Prevent custom_header with non-ASCII characters [\#1840](https://github.com/sympa-community/sympa/issues/1840)
64+
- \[[Debian Bug#1062398](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062398)\]
65+
Lacks dependency on `perldoc` utility
66+
[\#1832](https://github.com/sympa-community/sympa/pull/1832)
67+
- CLI: With sympa config key=value, key couldn't contain dot [\#1831](https://github.com/sympa-community/sympa/pull/1831)
68+
- If lock fails, details should be included in the error message [\#1824](https://github.com/sympa-community/sympa/pull/1824)
69+
- Stop "do_distribute" actions from Web interface from generating backscatter emails to sympa-request alias [\#1737](https://github.com/sympa-community/sympa/issues/1737)
70+
- `From:` header sanitation fails with brackets and Umlauts: Bug in MIME-EncWords [\#1787](https://github.com/sympa-community/sympa/issues/1787)
71+
- PostgreSQL/SQLite: Sympa tries creating temporary views in databases unnecessarily [\#1812](https://github.com/sympa-community/sympa/issues/1812)
72+
- 🐛 — [moderation] Show message content when clicking on its object [\#1709](https://github.com/sympa-community/sympa/pull/1709)
73+
- WWSympa: Uploaded file names in UTF-8 were garbled [\#1802](https://github.com/sympa-community/sympa/issues/1802)
74+
- Setting invite sender as From: field should be avoided [\#1846](https://github.com/sympa-community/sympa/issues/1846)
75+
- The length of boundary lines in multipart messages could exceed 70 octets [\#1795](https://github.com/sympa-community/sympa/issues/1795)
76+
- Add links to create or recreate password [\#1713](https://github.com/sympa-community/sympa/issues/1713)
77+
- DKIM: `i=` tag may not match in some auto-generated messages [\#1716](https://github.com/sympa-community/sympa/issues/1716)
78+
- Broken output with SOAP API due to mixture of byte- and utf8-strings [\#1541](https://github.com/sympa-community/sympa/issues/1541)
79+
- Meaningful error message should be shown for unauthenticated user if privileges are required [\#1692](https://github.com/sympa-community/sympa/issues/1692)
80+
- Display name in `From:` header field should be quoted / unquoted appropriately [\#1572](https://github.com/sympa-community/sympa/pull/1572)
81+
- sympa instantiate: Progress bar could not be inactivated [\#1567](https://github.com/sympa-community/sympa/issues/1567)
82+
- WWSympa: Noise in Apache error_log [\#1325](https://github.com/sympa-community/sympa/issues/1325)
83+
- WWSympa: Enable autofilling of password only if necessary [\#1033](https://github.com/sympa-community/sympa/issues/1033)
84+
- WWSympa: Direct link to reject action crashes [\#1703](https://github.com/sympa-community/sympa/issues/1703)
85+
- SOAP: Broken output with SOAP API due to mixture of byte- and utf8-strings [\#1541](https://github.com/sympa-community/sympa/issues/1541)
86+
- MacPorts: Fixes for `service/sympa.in` [\#1642](https://github.com/sympa-community/sympa/pull/1642)
87+
- "warning: ignoring prerequisites on suffix rule definition" with GNU make 4.3 [\#1651](https://github.com/sympa-community/sympa/pull/1651)
88+
- Manually deleted list blocks closure of the list which has been included by the former [\#1660](https://github.com/sympa-community/sympa/issues/1660)
89+
- WWSympa: A workaround for the browser back to let the "Please Wait..." spinner remain [\#1666](https://github.com/sympa-community/sympa/pull/1666)
90+
- WWSympa: Lower the list of months in the calendar and allow it scrolling [\#1672](https://github.com/sympa-community/sympa/pull/1672)
91+
- RSS: lastBuildDate element in RSS feed was inproperly formatted [\#1680](https://github.com/sympa-community/sympa/pull/1680)
92+
- WWSympa: Fixes for Sympa Accessibility Issues - Review by UIUC
93+
[\#1744](https://github.com/sympa-community/sympa/issues/1744)
94+
[\#1747](https://github.com/sympa-community/sympa/issues/1747)
95+
[\#1748](https://github.com/sympa-community/sympa/issues/1748)
96+
[\#1751](https://github.com/sympa-community/sympa/issues/1751)
97+
[\#1752](https://github.com/sympa-community/sympa/issues/1752)
98+
[\#1753](https://github.com/sympa-community/sympa/issues/1753)
99+
[\#1761](https://github.com/sympa-community/sympa/issues/1761)
100+
[\#1763](https://github.com/sympa-community/sympa/issues/1763)
101+
[\#1767](https://github.com/sympa-community/sympa/issues/1767)
102+
[\#1776](https://github.com/sympa-community/sympa/issues/1776)
103+
- [CVE-2021-41183] [CVE-2021-41182] [CVE-2021-41184] [CVE-2022-31160] WWSympa: Update jquery-ui from 1.12.1 to 1.13.2 [\#1719](https://github.com/sympa-community/sympa/issues/1719)
104+
- DSN with status `4.3.0` may mess the parent(s) of nested list [\#1699](https://github.com/sympa-community/sympa/issues/1699)
105+
- `INFO` mail command pulls different owners and/or moderators than those with web UI [\#1732](https://github.com/sympa-community/sympa/issues/1732)
106+
- DKIM: Default value of `dkim_signature_apply_on` in domain context was ignored [\#1739](https://github.com/sympa-community/sympa/issues/1739)
107+
- Upgrade command should fail if no previuos version number can be found [\#1741](https://github.com/sympa-community/sympa/pull/1741)
108+
- WWSympa: Missing validation on Digest frequency in Edit Config [\#1742](https://github.com/sympa-community/sympa/issues/1742)
109+
- WWSympa: 🐛 — Fix error when rejecting message from direct URL [\#1687](https://github.com/sympa-community/sympa/pull/1687)
110+
- SOAP: Fix typos in `sympa.wsdl` [\#1676](https://github.com/sympa-community/sympa/issues/1676) [\#1696](https://github.com/sympa-community/sympa/issues/1696)
111+
- Crashes by "Can't locate object method "new" via package "Sympa::Aliases"" [\#1710](https://github.com/sympa-community/sympa/issues/1710)
112+
- WWSympa: Invalid input on sso\_login form floods listmaster notification [\#1654](https://github.com/sympa-community/sympa/issues/1654)
113+
- Deprecate "System log" setting in Listmaster Admin menu [\#1649](https://github.com/sympa-community/sympa/issues/1649)
114+
- Confusing labels for ttl and distribution\_ttl [\#896](https://github.com/sympa-community/sympa/issues/896)
115+
- Broken links in sympa\_config.pod [\#1675](https://github.com/sympa-community/sympa/pull/1675)
116+
- Some typos in docs and comments [\#1653](https://github.com/sympa-community/sympa/pull/1653)
117+
- Correct texts about obsoleted `dkim` authentication method for scenarios [\#1599](https://github.com/sympa-community/sympa/pull/1599)
118+
- When owners/moderators are added, "N subscribers added" is shown [\#1584](https://github.com/sympa-community/sympa/pull/1584)
119+
120+
**Merged pull requests:**
121+
122+
- Postpone making Unicode::UTF8 mandatory [\#1905](https://github.com/sympa-community/sympa/pull/1905)
123+
- Typos [\#1856](https://github.com/sympa-community/sympa/pull/1856)
124+
- Tracking: Remove outdated heuristics for bounce processing [\#1701](https://github.com/sympa-community/sympa/pull/1701)
125+
3126
## [6.2.72](https://github.com/sympa-community/sympa/tree/6.2.72) (2023-06-01)
4127

5128
[Full Changelog](https://github.com/sympa-community/sympa/compare/6.2.71b.1...6.2.72)

0 commit comments

Comments
 (0)