Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-094-1:1EA93
HistoryDec 15, 2001 - 12:00 a.m.

[SECURITY] [DSA-094-1] mailman cross-site scripting problem

2001-12-1500:00:00
lists.debian.org
11
JSON

Debian Security Advisory DSA-094-1 [email protected]
http://www.debian.org/security/ Wichert Akkerman
December 16, 2001

Package : mailman
Problem type : cross-site scripting hole
Debian-specific: no

Barry A. Warsaw reported several cross-site scripting security holes
in Mailman, due to non-existent escaping of CGI variables.

These have been fixed upstream in version 2.0.8, and the relevant
patches have been backported to version 1.1-10 in Debian.

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

Debian GNU/Linux 2.2 alias potato

Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

Source archives:
http://security.debian.org/dists/stable/updates/main/source/mailman_1.1-10.diff.gz
MD5 checksum: a9ae9e389e13622a9dd8a70a6a57f2b7
http://security.debian.org/dists/stable/updates/main/source/mailman_1.1-10.dsc
MD5 checksum: 8c77bc3c07be39e8ced4d85882eedf21
http://security.debian.org/dists/stable/updates/main/source/mailman_1.1.orig.tar.gz
MD5 checksum: 42d499f4e1de6959c50b20a4eb0f432a

Alpha architecture:
http://security.debian.org/dists/stable/updates/main/binary-alpha/mailman_1.1-10_alpha.deb
MD5 checksum: 67f8c3c723ec8797117d1fed29f41369

ARM architecture:
http://security.debian.org/dists/stable/updates/main/binary-arm/mailman_1.1-10_arm.deb
MD5 checksum: 80d1fbee3ae7bab5e73ce860b4d8da87

Intel IA-32 architecture:
http://security.debian.org/dists/stable/updates/main/binary-i386/mailman_1.1-10_i386.deb
MD5 checksum: 27c9d400360a99b39954f563f5d0ed43

Motorola 680x0 architecture:
http://security.debian.org/dists/stable/updates/main/binary-m68k/mailman_1.1-10_m68k.deb
MD5 checksum: 2a62ce782f5510f24458050e4c3331d9

PowerPC architecture:
http://security.debian.org/dists/stable/updates/main/binary-powerpc/mailman_1.1-10_powerpc.deb
MD5 checksum: 9239fc74b76ec983b3009a194dc4ce2c

Sun Sparc architecture:
http://security.debian.org/dists/stable/updates/main/binary-sparc/mailman_1.1-10_sparc.deb
MD5 checksum: ad498878cdc9901e92e4b775e023f610

These packages will be moved into the stable distribution on its next
revision.

For not yet released architectures please refer to the appropriate
directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .

apt-get: deb http://security.debian.org/ stable/updates main
dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [email protected]

JSON