129136 2006-04-07 07:42 0000 net-mail/mailman XSS issues 2006-05-01 11:49:56 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://mail.python.org/pipermail/mailman-announce/2006-April/000084.html B4 [noglsa] DerCorny P2 minor --- 1 jaervosz@gentoo.org security@gentoo.org bughunter@jankoh.dyndns.org hanno@gentoo.org net-mail@gentoo.org jaervosz@gentoo.org 2006-04-07 07:42:17 0000 Mailman 2.1.8rc1 was released for the final test of 2.1.8. Important: This is not only a release candidate but also include a fix for a cross-site scripting bug found in 2.1.7. All sites running previous versions are adviced to upgrade to 2.1.8(rc1). I am going to release the final by the next weekend if nothing serious happens. dercorny@gentoo.org 2006-04-07 10:43:59 0000 net-mail, please provide fixed ebuilds, thank you. Do you want to wait for stable (B4 has a target delay of 20days, btw)? langthang@gentoo.org 2006-04-12 15:26:50 0000 net-mail team is not interested in maintain this package. It has a list of open bugs ( http://tinyurl.com/fhhet ) and we don't have enough man power to test it with every MTAs that mailman supports. Please find a new maintainer or package.mask --> remove it from the tree. Best regards, Tuan V. jaervosz@gentoo.org 2006-04-12 22:57:22 0000 core mailed about new maintainer. mholzer@gentoo.org 2006-04-14 09:29:46 0000 *** Bug 124624 has been marked as a duplicate of this bug. *** mholzer@gentoo.org 2006-04-14 09:51:17 0000 ebuild in cvs jaervosz@gentoo.org 2006-04-15 00:40:49 0000 mholzer/hanno please update maintainer information in metadata.xml Arches please test and mark mailman-2.1.8_rc1 stable. dertobi123@gentoo.org 2006-04-15 08:18:12 0000 ppc stable weeve@gentoo.org 2006-04-15 17:16:00 0000 Stable on SPARCenstein halcy0n@gentoo.org 2006-04-16 20:58:08 0000 x86 stable koon@gentoo.org 2006-04-28 12:20:20 0000 amd64 is late metalgod@gentoo.org 2006-04-29 09:21:47 0000 amd64 done! jaervosz@gentoo.org 2006-04-30 09:06:02 0000 This one is ready for GLSA decision. I tend to vote NO. dercorny@gentoo.org 2006-04-30 15:36:02 0000 Voting no, too falco@gentoo.org 2006-05-01 01:57:55 0000 i tend to vote no koon@gentoo.org 2006-05-01 11:49:56 0000 Voting no and closing.