mailman 1:2.1.26-1ubuntu0.5 source package in Ubuntu
Changelog
mailman (1:2.1.26-1ubuntu0.5) bionic-security; urgency=medium
* SECURITY UPDATE: XSS vulnerability
- debian/patches/CVE-2021-43331.patch: sanitize URL from user
option page in Mailman/Cgi/options.py.
- CVE-2021-43331
* SECURITY UPDATE: CSRF attack
- debian/patches/CVE-2021-43332.patch: checks authorizations
in Mailman/CSRFcheck.py, Mailman/Cgi/admindb.py.
- CVE-2021-43332
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 17 Nov 2021 09:29:36 -0300
Upload details
- Uploaded by:
- Leonidas S. Barbosa
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| mailman_2.1.26.orig.tar.gz | 8.8 MiB | 240177e1ef561ede88d7b48283c3835f39bbd0b1ae19100d3520cbe43058339f |
| mailman_2.1.26-1ubuntu0.5.debian.tar.xz | 104.3 KiB | 3fcadcfee7ec778e058b6aa0d04a708f239b710f8ecbeb66e5fef0f4e9a47e84 |
| mailman_2.1.26-1ubuntu0.5.dsc | 2.1 KiB | 713011005f77cce5ff768e22d5f3f4ff9be691ecab303582616b201d5fb1cdc4 |
Available diffs
Binary packages built by this source
- mailman: Web-based mailing list manager (legacy branch)
The GNU Mailing List Manager, which manages email discussion lists.
Mailman gives each mailing list a web page, and allows users to
subscribe, unsubscribe, etc. over the web. The list manager can
administer his or her list entirely from the web.
.
Mailman also integrates most things people want to do with mailing
lists, including archiving, mail <-> news gateways, and so on. It
has all of the features you expect from such a product, plus
integrated support for the web (including web based archiving),
automated bounce handling and integrated spam prevention.
.
Note that this package contains the legacy (2.x) branch of Mailman.
All new development happens in the Mailman 3 suite, available in
Debian via the mailman3 metapackage.
- mailman-dbgsym: debug symbols for mailman
