[ubuntu/dapper-security] mailman, mailman (delayed) 2.1.5-9ubuntu4.4 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Tue Feb 22 20:07:04 UTC 2011
mailman (2.1.5-9ubuntu4.4) dapper-security; urgency=low
* SECURITY UPDATE: Cross-Site Scripting vulnerability in confirm.py
- debian/patches/101_CVE-2011-0707.dpatch: properly clean strings in
Mailman/Cgi/confirm.py.
- CVE-2011-0707
* SECURITY UPDATE: Cross-Site Scripting vulnerabilities in list
information and description fields
- debian/patches/102_CVE-2010-3089.dpatch: properly clean strings in
Mailman/Cgi/{listinfo,HTMLFormatter,Utils}.py.
- CVE-2010-3089
Date: Thu, 17 Feb 2011 10:14:56 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Tollef Fog Heen <tfheen at debian.org>
https://launchpad.net/ubuntu/dapper/+source/mailman/2.1.5-9ubuntu4.4
-------------- next part --------------
Format: 1.7
Date: Thu, 17 Feb 2011 10:14:56 -0500
Source: mailman
Binary: mailman
Architecture: source
Version: 2.1.5-9ubuntu4.4
Distribution: dapper-security
Urgency: low
Maintainer: Tollef Fog Heen <tfheen at debian.org>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
mailman - Powerful, web-based mailing list manager
Changes:
mailman (2.1.5-9ubuntu4.4) dapper-security; urgency=low
.
* SECURITY UPDATE: Cross-Site Scripting vulnerability in confirm.py
- debian/patches/101_CVE-2011-0707.dpatch: properly clean strings in
Mailman/Cgi/confirm.py.
- CVE-2011-0707
* SECURITY UPDATE: Cross-Site Scripting vulnerabilities in list
information and description fields
- debian/patches/102_CVE-2010-3089.dpatch: properly clean strings in
Mailman/Cgi/{listinfo,HTMLFormatter,Utils}.py.
- CVE-2010-3089
Files:
5c7aff5e4724b0f37e73165c57174819 1275 mail optional mailman_2.1.5-9ubuntu4.4.dsc
f863a1a24aa3b324374c5ef6c73d40e8 233552 mail optional mailman_2.1.5-9ubuntu4.4.diff.gz
More information about the dapper-changes
mailing list