diff -r -u mailman-2.1.5.orig/Mailman/Cgi/private.py mailman-2.1.5/Mailman/Cgi/private.py
--- mailman-2.1.5.orig/Mailman/Cgi/private.py	2003-02-08 02:13:50.000000000 -0500
+++ mailman-2.1.5/Mailman/Cgi/private.py	2005-02-08 11:35:02.272307000 -0500
@@ -18,6 +18,7 @@
 """
 
 import os
+import re
 import sys
 import cgi
 import mimetypes
@@ -39,8 +40,7 @@
 
 def true_path(path):
     "Ensure that the path is safe by removing .."
-    path = path.replace('../', '')
-    path = path.replace('./', '')
+    path = re.sub('\.+/+', '', path)
     return path[1:]