Index: ACKNOWLEDGMENTS
===================================================================
RCS file: /cvsroot/mailman/mailman/ACKNOWLEDGMENTS,v
retrieving revision 1.35.2.1
retrieving revision 1.35.2.2
diff -u -r1.35.2.1 -r1.35.2.2
--- ACKNOWLEDGMENTS	3 Apr 2002 05:07:52 -0000	1.35.2.1
+++ ACKNOWLEDGMENTS	20 May 2002 15:07:49 -0000	1.35.2.2
@@ -62,9 +62,11 @@
     Dan Mick
     Balazs Nagy
     Hrvoje Niksic
+    "office"
     Gerald Oskoboiny
     Sean Reifschneider
     Bernhard Reiter
+    Tristan Roddis
     Chris Snell
     Greg Stein
     Owen Taylor
Index: FAQ
===================================================================
RCS file: /cvsroot/mailman/mailman/FAQ,v
retrieving revision 1.18.2.3
retrieving revision 1.18.2.4
diff -u -r1.18.2.3 -r1.18.2.4
--- FAQ	27 Nov 2001 22:45:22 -0000	1.18.2.3
+++ FAQ	19 Apr 2002 03:34:01 -0000	1.18.2.4
@@ -2,8 +2,9 @@
 Copyright (C) 1998,1999,2000,2001 by the Free Software Foundation, Inc.
 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 
-FREQUENTLY ASKED QUESTIONS
 See also http://www.python.org/cgi-bin/faqw-mm.py
+
+FREQUENTLY ASKED QUESTIONS
 
 Q. How do you spell this program?
 
Index: NEWS
===================================================================
RCS file: /cvsroot/mailman/mailman/NEWS,v
retrieving revision 1.25.2.14
retrieving revision 1.25.2.15
diff -u -r1.25.2.14 -r1.25.2.15
--- NEWS	9 Apr 2002 20:57:40 -0000	1.25.2.14
+++ NEWS	20 May 2002 15:22:32 -0000	1.25.2.15
@@ -4,6 +4,11 @@
 
 Here is a history of user visible changes to Mailman.
 
+2.0.11 (20-May-2002)
+
+    - Closed two cross-site scripting vulnerabilities: one in the
+      admin login page, and one in the HTML archive indices.
+
 2.0.10 (09-Apr-2002)
 
     - Closed another small race condition.
Index: Mailman/Utils.py
===================================================================
RCS file: /cvsroot/mailman/mailman/Mailman/Utils.py,v
retrieving revision 1.104.2.6
retrieving revision 1.104.2.8
diff -u -r1.104.2.6 -r1.104.2.8
--- Mailman/Utils.py	4 Apr 2002 21:14:23 -0000	1.104.2.6
+++ Mailman/Utils.py	20 May 2002 14:37:32 -0000	1.104.2.8
@@ -30,6 +30,7 @@
 import time
 import socket
 import random
+import cgi
 from UserDict import UserDict
 from types import StringType
 import random
@@ -610,7 +611,7 @@
 
 
 
-def GetRequestURI(fallback=None):
+def GetRequestURI(fallback=None, escape=1):
     """Return the full virtual path this CGI script was invoked with.
 
     Newer web servers seems to supply this info in the REQUEST_URI
@@ -621,13 +622,17 @@
     Optional argument `fallback' (default `None') is returned if both of
     the above methods fail.
 
+    The url will be cgi escaped to prevent cross-site scripting attacks,
+    unless `escape' is set to 0.
     """
+    url = fallback
     if os.environ.has_key('REQUEST_URI'):
-        return os.environ['REQUEST_URI']
+        url = os.environ['REQUEST_URI']
     elif os.environ.has_key('SCRIPT_NAME') and os.environ.has_key('PATH_INFO'):
-        return os.environ['SCRIPT_NAME'] + os.environ['PATH_INFO']
-    else:
-        return fallback
+        url = os.environ['SCRIPT_NAME'] + os.environ['PATH_INFO']
+    if escape:
+        return cgi.escape(url)
+    return url
 
 
 
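Review bot: With the default `fallback=None` and neither REQUEST_URI nor SCRIPT_NAME/PATH_INFO present, `url` stays None and the new `cgi.escape(url)` call raises instead of returning the fallback as the old code did; guard it with `if escape and url is not None:`. Since the docstring states the escaping exists to prevent cross-site scripting, passing the quote flag, `return cgi.escape(url, 1)`, would also stop a `"` in the request URI from closing an attribute value should a caller interpolate the result into one — whether any caller does is not visible in this diff. GetRequestURI's signature and the start of its docstring are in the preceding hunk.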
Index: Mailman/Version.py
===================================================================
RCS file: /cvsroot/mailman/mailman/Mailman/Version.py,v
retrieving revision 1.20.2.10
retrieving revision 1.20.2.11
diff -u -r1.20.2.10 -r1.20.2.11
--- Mailman/Version.py	9 Apr 2002 21:06:16 -0000	1.20.2.10
+++ Mailman/Version.py	20 May 2002 15:16:08 -0000	1.20.2.11
@@ -15,7 +15,7 @@
 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 
 # Mailman version
-VERSION = "2.0.10"
+VERSION = "2.0.11"
 
 # And as a hex number in the manner of PY_VERSION_HEX
 ALPHA = 0xa
@@ -27,7 +27,7 @@
 
 MAJOR_REV = 2
 MINOR_REV = 0
-MICRO_REV = 10
+MICRO_REV = 11
 REL_LEVEL = FINAL
 # at most 15 beta releases!
 REL_SERIAL = 0
Index: Mailman/Archiver/HyperArch.py
===================================================================
RCS file: /cvsroot/mailman/mailman/Mailman/Archiver/HyperArch.py,v
retrieving revision 1.46.2.1
retrieving revision 1.46.2.2
diff -u -r1.46.2.1 -r1.46.2.2
--- Mailman/Archiver/HyperArch.py	2 Apr 2002 23:39:35 -0000	1.46.2.1
+++ Mailman/Archiver/HyperArch.py	20 May 2002 15:02:49 -0000	1.46.2.2
@@ -58,13 +58,9 @@
 
 
 def html_quote(s):
-    repls = ( ('&', '&'),
-	      ("<", '&lt;'),
-	      (">", '&gt;'),
-	      ('"', '&quot;'))
-    for thing, repl in repls:
-	s = string.replace(s, thing, repl)
-    return s
+    return cgi.escape(s, 1)
+
+CGIescape = html_quote
 
 def url_quote(s):
     return urllib.quote(s)
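Review bot: The new `CGIescape = html_quote` alias drops the `str(arg)` conversion the removed CGIescape performed, so any caller that passed a non-string value (the archiver's subject/author fields, if they can be None, would be one candidate) now gets an AttributeError from cgi.escape; `return cgi.escape(str(s), 1)` keeps the former contract. Whether such callers exist is not visible in this diff. A one-line docstring would also help readers of the alias, e.g. `"""Return s with &, <, > and double quotes HTML-escaped for safe insertion into archive pages."""`.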
@@ -136,10 +132,6 @@
 html_charset = '<META http-equiv="Content-Type" ' \
                'content="text/html; charset=%s">'
 
-def CGIescape(arg): 
-    s = cgi.escape(str(arg))
-    return string.replace(s, '"', '&quot;')
-
 # Parenthesized human name
 paren_name_pat = re.compile(r'([(].*[)])') 
 
@@ -877,8 +869,10 @@
             subject = d.get("subject", article.subject)
             author = d.get("author", article.author)
         else:
-            subject = CGIescape(article.subject)
-            author = CGIescape(article.author)
+            subject = article.subject
+            author = article.author
+        subject = CGIescape(subject)
+        author = CGIescape(author)
         print index_entry_template % (urllib.quote(article.filename),
                                       subject, article.sequence, author)
 
Index: admin/bin/faq2ht.py
===================================================================
RCS file: /cvsroot/mailman/mailman/admin/bin/faq2ht.py,v
retrieving revision 1.1.2.1
retrieving revision 1.1.2.2
diff -u -r1.1.2.1 -r1.1.2.2
--- admin/bin/faq2ht.py	27 Nov 2001 22:47:50 -0000	1.1.2.1
+++ admin/bin/faq2ht.py	19 Apr 2002 03:33:33 -0000	1.1.2.2
@@ -39,6 +39,9 @@
     print >> out, '''\
 Title: Mailman Frequently Asked Questions
 
+See also the <a href="http://www.python.org/cgi-bin/faqw-mm.py">Mailman
+FAQ Wizard</a> for more information.
+
  <h3>Mailman Frequently Asked Questions</h3>
 '''
     first = 1
Index: admin/www/download.ht
===================================================================
RCS file: /cvsroot/mailman/mailman/admin/www/download.ht,v
retrieving revision 1.5.2.13
retrieving revision 1.5.2.14
diff -u -r1.5.2.13 -r1.5.2.14
--- admin/www/download.ht	18 Apr 2002 03:49:52 -0000	1.5.2.13
+++ admin/www/download.ht	20 May 2002 15:17:42 -0000	1.5.2.14
@@ -60,9 +60,9 @@
 <h3>Downloading</h3>
 
 <p>Version
-(<!-VERSION--->2.0.10<!-VERSION--->,
+(<!-VERSION--->2.0.11<!-VERSION--->,
 released on
-<!-DATE--->Apr 17 2002<!-DATE--->)
+<!-DATE--->May 20 2002<!-DATE--->)
 is the current GNU release.  It is available from the following mirror sites:
 
 <ul>
Index: admin/www/download.html
===================================================================
RCS file: /cvsroot/mailman/mailman/admin/www/download.html,v
retrieving revision 1.6.2.15
retrieving revision 1.6.2.16
diff -u -r1.6.2.15 -r1.6.2.16
--- admin/www/download.html	18 Apr 2002 03:49:52 -0000	1.6.2.15
+++ admin/www/download.html	20 May 2002 15:17:42 -0000	1.6.2.16
@@ -1,7 +1,7 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
 <html>
 <!-- THIS PAGE IS AUTOMATICALLY GENERATED.  DO NOT EDIT. -->
-<!-- Wed Apr 17 23:48:35 2002 -->
+<!-- Mon May 20 11:16:31 2002 -->
 <!-- USING HT2HTML 2.0 -->
 <!-- SEE http://ht2html.sf.net -->
 <!-- User-specified headers:
@@ -246,9 +246,9 @@
 <h3>Downloading</h3>
 
 <p>Version
-(<!-VERSION--->2.0.10<!-VERSION--->,
+(<!-VERSION--->2.0.11<!-VERSION--->,
 released on
-<!-DATE--->Apr 17 2002<!-DATE--->)
+<!-DATE--->May 20 2002<!-DATE--->)
 is the current GNU release.  It is available from the following mirror sites:
 
 <ul>
Index: admin/www/faq.ht
===================================================================
RCS file: /cvsroot/mailman/mailman/admin/www/faq.ht,v
retrieving revision 1.2.2.2
retrieving revision 1.2.2.3
diff -u -r1.2.2.2 -r1.2.2.3
--- admin/www/faq.ht	27 Nov 2001 22:27:42 -0000	1.2.2.2
+++ admin/www/faq.ht	19 Apr 2002 03:36:23 -0000	1.2.2.3
@@ -1,11 +1,13 @@
 Title: Mailman Frequently Asked Questions
 
+See also the <a href="http://www.python.org/cgi-bin/faqw-mm.py">Mailman
+FAQ Wizard</a> for more information.
+
  <h3>Mailman Frequently Asked Questions</h3>
 
 <b> Q. How do you spell this program?
 
-</b><br> See also <a href="http://www.python.org/cgi-bin/faqw-mm.py">http://www.python.org/cgi-bin/faqw-mm.py</a>
-<p> A. You spell it "Mailman", with a leading capital "M" and a lowercase
+</b><br> A. You spell it "Mailman", with a leading capital "M" and a lowercase
    second "m".  It is incorrect to spell it "MailMan" (i.e. you should
    not use StudlyCaps).
 <p> <b> Q. I'm getting really terrible performance for outgoing messages.  It
Index: admin/www/faq.html
===================================================================
RCS file: /cvsroot/mailman/mailman/admin/www/faq.html,v
retrieving revision 1.10.2.4
retrieving revision 1.10.2.5
diff -u -r1.10.2.4 -r1.10.2.5
--- admin/www/faq.html	4 Apr 2002 18:07:26 -0000	1.10.2.4
+++ admin/www/faq.html	19 Apr 2002 03:36:23 -0000	1.10.2.5
@@ -1,7 +1,7 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
 <html>
 <!-- THIS PAGE IS AUTOMATICALLY GENERATED.  DO NOT EDIT. -->
-<!-- Thu Apr  4 12:57:32 2002 -->
+<!-- Thu Apr 18 23:35:52 2002 -->
 <!-- USING HT2HTML 2.0 -->
 <!-- SEE http://ht2html.sf.net -->
 <!-- User-specified headers:
@@ -162,12 +162,14 @@
 <!-- end of sidebar cell -->
 <!-- start of body cell -->
 <td valign="top" width="90%" class="body"><br>
+See also the <a href="http://www.python.org/cgi-bin/faqw-mm.py">Mailman
+FAQ Wizard</a> for more information.
+
  <h3>Mailman Frequently Asked Questions</h3>
 
 <b> Q. How do you spell this program?
 
-</b><br> See also <a href="http://www.python.org/cgi-bin/faqw-mm.py">http://www.python.org/cgi-bin/faqw-mm.py</a>
-<p> A. You spell it "Mailman", with a leading capital "M" and a lowercase
+</b><br> A. You spell it "Mailman", with a leading capital "M" and a lowercase
    second "m".  It is incorrect to spell it "MailMan" (i.e. you should
    not use StudlyCaps).
 <p> <b> Q. I'm getting really terrible performance for outgoing messages.  It