Bug 56865 - Security updates have been released by the authors
Security updates have been released by the authors
Status: CLOSED ERRATA
Product: Red Hat Linux
Classification: Retired
Component: mailman (Show other bugs)
7.2
All Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-11-28 23:35 EST by mcisar
Modified: 2008-05-01 11:38 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-11-28 23:35:06 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description mcisar 2001-11-28 23:35:00 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461)

Description of problem:
This clip was recently posted by the authors of Mailman...

Hot on the heels of Mailman 2.0.7, I'm now releasing 2.0.8 which fixes 
several cross-site scripting security holes, and a few other minor bug 
fixes.  More information on cross-site scripting exploits in general can 
be found at

    http://www.cert.org/advisories/CA-2000-02.html

I recommend anybody running a version of Mailman up to, and including 
2.0.7 to upgrade to version 2.0.8.

I've made both full source tarballs and patches available.  Actually, 
patches going all the way back to 2.0 are now available on SourceForge.  
See

    http://sourceforge.net/project/showfiles.php?group_id=103

for links to download all the patches and the source tarball.  If you 
decide to install the patches, please do read the release notes first:

    http://sourceforge.net/project/shownotes.php?release_id=63042

Currently the SourceForge and www.list.org sites are up-to-date, and I 
expect the gnu.org site to be updated soon.

See also:

    http://www.gnu.org/software/mailman
    http://www.list.org
    http://mailman.sf.net

I've also included links on the FAQ page to the Mailman FAQ wizard. 
Thanks everybody for contributing good entries!  (I may do some reorg 
when I get a chance.)  See the FAQ wizard at

    http://www.python.org/cgi-bin/faqw-mm.py

Cheers,
-Barry

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
See Description for details.

Additional info:
Comment 1 Nalin Dahyabhai 2002-01-18 13:09:26 EST
Errata has been released: https://www.redhat.com/support/errata/RHSA-2001-168.html

Note You need to log in before you can comment on or make changes to this bug.