[ubuntu/xenial-security] mailman 1:2.1.20-1ubuntu0.4 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Wed Apr 29 14:51:44 UTC 2020
mailman (1:2.1.20-1ubuntu0.4) xenial-security; urgency=medium
* SECURITY UPDATE: XSS vulnerability
- debian/patches/93_CVE-2018-0618.patch: avoiding
injections in Mailman/Gui/General.py, Mailman/Utils.py,
Mailman/Gui/GUIBase.py
- CVE-2018-0618
* SECURITY UPDATE: Arbitrary text injection
- debian/patches/94_CVE-2018-13796.patch: check for injections
in Mailmain/Utils.py.
- CVE-2018-13796
* SECURITY UPDATE: XSS vulnerability
- debian/patches/CVE-2020-12137.diff: use .bin extension
for scrubbed application/octet-stream files in
Mailman/Handlers/Scrubber.py.
- CVE-2020-12137
Date: 2020-04-28 18:42:14.869630+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/mailman/1:2.1.20-1ubuntu0.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list