OPENSUSE-SU-2021:1436-1 Security update for mailman

This update for mailman fixes the following issues: Update to 2.1.35 to fix 2 security issues: - A potential for for a list member to carry out an off-line brute force attack to obtain the list admin password has been reported by Andre Protas, Richard Cloke and Andy Nuttall of Apple. This is fixe...

OPENSUSE-SU-2020:1752-1 Recommended update for mailman

This update for mailman to version 2.1.34 fixes the following issues: - The fix for lp1859104 can result in ValueError being thrown on attempts to subscribe to a list. This is fixed and extended to apply REFUSESECONDPENDING to unsubscription as well. lp1878458 - DMARC mitigation no longer misses ...

openSUSE Security Update : mailman (openSUSE-2020-1707)

This update for mailman to version 2.1.34 fixes the following issues : - The fix for lp1859104 can result in ValueError being thrown on attempts to subscribe to a list. This is fixed and extended to apply REFUSESECONDPENDING to unsubscription as well. lp1878458 - DMARC mitigation no longer misses...

Recommended update for mailman (moderate)

openSUSE Security Update: Recommended update for mailman Announcement ID: openSUSE-SU-2020:1752-1 Rating: moderate References: 1171363 1173369 Cross-References: CVE-2020-12108 CVE-2020-12137 CVE-2020-15011 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes three vulnerabilities...

OPENSUSE-SU-2020:1707-1 Recommended update for mailman

This update for mailman to version 2.1.34 fixes the following issues: - The fix for lp1859104 can result in ValueError being thrown on attempts to subscribe to a list. This is fixed and extended to apply REFUSESECONDPENDING to unsubscription as well. lp1878458 - DMARC mitigation no longer misses ...

Recommended update for mailman (moderate)

openSUSE Security Update: Recommended update for mailman Announcement ID: openSUSE-SU-2020:1707-1 Rating: moderate References: 1171363 1173369 Cross-References: CVE-2020-12108 CVE-2020-12137 CVE-2020-15011 Affected Products: openSUSE Leap 15.2 An update that fixes three vulnerabilities is now...

OPENSUSE-SU-2020:0156-1 Security update for mailman

This update for mailman fixes the following issues: - CVE-2019-3693: Fixed a privilege escalation during package install. Could be exploited by a local users who is members of the the mailman group. boo1154328 This update was imported from the openSUSE:Leap:15.1:Update update project...

openSUSE Security Update : mailman (openSUSE-2019-495)

This update for mailman to version 2.1.27 fixes the following issues : This security issue was fixed : - CVE-2018-0618: Additional protections against injecting scripts into listinfo and error messages pages bsc1099510. These non-security issues were fixed : - The hash generated when...

Security update for mailman (moderate)

This update for mailman fixes the following issues: Security issue fixed: - CVE-2018-13796: Fix a content spoofing vulnerability with invalid list name messages inside the web UI boo1101288. Bug fixes: - update to 2.1.29: Fixed the listinfo and admin overview pages that were broken - update to...

DSA-4108-1 mailman - security update

Bulletin has no description...

DLA-1272-1 mailman - security update

Bulletin has no description...

openSUSE 10 Security Update : mailman (mailman-2170)

This update of mailman fixes the following security issues : - A malicious user could visit a specially crafted URI and inject an apparent log message into Mailman's error log which might induce an unsuspecting administrator to visit a phishing site. This has been blocked. Thanks to Moritz Nauman...

DSA-674-2 mailman - cross-site scripting, directory traversal

Due to an incompatibility between Python 1.5 and 2.1 the last mailman update did not run with Python 1.5 anymore. This problem is corrected with this update. This advisory only updates the packages updated with DSA 674-2. The version in unstable is not affected since it is not supposed to work wi...

Fedora Core 1 : mailman-2.1.4-1 (2004-060)

A cross-site scripting XSS vulnerability exists in the admin CGI script for Mailman before 2.1.4. This update moves Mailman to version 2.1.4 which is not vulnerable to this issue. Updated packages were made available in February 2004 however the original update notification email did not make it ...

RHEL 2.1 : mailman (RHSA-2002:125)

Updated mailman packages are now available for Red Hat Linux Advanced Server. These updates resolve a cross-site scripting vulnerability present in versions of Mailman prior to 2.0.11. Two cross-site scripting vulnerabilities have been discovered in versions of Mailman prior to version 2.0.11...

RHEL 2.1 : mailman (RHSA-2002:181)

Updated mailman packages are now available for Red Hat Linux Advanced Server. These updates close a cross-site scripting vulnerability present in mailman versions prior to version 2.0.12. Mailman versions prior to 2.0.12 contain a cross-site scripting vulnerability in the processing of invalid...

mailman -- password disclosure

Barry Warsaw reports: Today I am releasing Mailman 2.1.5, a bug fix release ... This version also contains a fix for an exploit that could allow 3rd parties to retrieve member passwords. It is thus highly recommended that all existing sites upgrade to the latest version...

Important: Red Hat Security Advisory: : Updated mailman packages close cross-site scripting vulnerability

Updated mailman packages are now available for Red Hat Power Tools 7 and 7.1. These updates close a cross-site scripting vulnerability present in mailman versions prior to version 2.0.12. Mailman versions prior to 2.0.12 contain a cross-site scripting vulnerability in the processing of invalid...

Important: Red Hat Security Advisory: : Updated mailman packages close cross-site scripting vulnerability

Updated mailman packages are now available for Red Hat Linux 7.2 and 7.3. These updates close a cross-site scripting vulnerability present in mailman versions prior to version 2.0.12. Mailman versions prior to 2.0.12 contain a cross-site scripting vulnerability in the processing of invalid reques...

[SECURITY] [DSA 147-1] New mailman packages fix cross-site scripting problem

-------------------------------------------------------------------------- Debian Security Advisory DSA 147-1 [email protected] http://www.debian.org/security/ Martin Schulze August 8th, 2002 - -------------------------------------------------------------------------- Package : mailman...