Mailman DoS It is possible to prevent a mailing list from functioning properly by sending a misformed multipart message to a mailman list. This malformed message would prevent new messages sent to a list from being processed. Fixed in 2.1.6 Here is the original message: http://mail.python.org/pipermail/mailman-users/2005-June/045107.html Here is the patch: http://cvs.sourceforge.net/viewcvs.py/mailman/mailman/Mailman/Handlers/Scrubber.py?r1=2.18.2.12&r2=2.18.2.13 CVE-2006-0052 Doesn't affect: FC5 (version) This issue also affects RHEL3
No new package for RHEL after a month? BTW: should a security related bug not get a dedicated mark?
Oops, there must be a problem in bugzilla. Like currently seen in https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187421 Keywords: Security before I was able to submit my comment, I had to remove this keyword, before I could not submit it (get a red message like "can't change keywords from none to security") But after submission, following occurs: bugzilla changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|security |normal Keywords| |Security Looks like this change was caused by an internal process of bugzilla (and not my intention, severity should be sure stay "security".
mailman-debuginfo-2.1.5.1-25.rhel3.5 mailman-2.1.5.1-25.rhel3.5 mailman-2.1.5.1-34.rhel4.3 mailman-debuginfo-2.1.5.1-34.rhel4.3
------- Additional Comments From bugzilla 2006-06-09 11:01 EST ------- An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2006-0486.html