Bug 129136 - net-mail/mailman XSS issues
|
Bug#:
129136
|
Product: Gentoo Security
|
Version: unspecified
|
Platform: All
|
|
OS/Version: Linux
|
Status: RESOLVED
|
Severity: minor
|
Priority: P2
|
|
Resolution: FIXED
|
Assigned To: security@gentoo.org
|
Reported By: jaervosz@gentoo.org
|
|
Component: Vulnerabilities
|
|
|
URL:
http://mail.python.org/pipermail/mailman-announce/2006-April/000084.html
|
|
Summary: net-mail/mailman XSS issues
|
|
Keywords:
|
|
Status Whiteboard: B4 [noglsa] DerCorny
|
|
Opened: 2006-04-07 07:42 0000
|
Mailman 2.1.8rc1 was released for the final test of 2.1.8.
Important: This is not only a release candidate but also include a fix
for a cross-site scripting bug found in 2.1.7. All sites running
previous versions are adviced to upgrade to 2.1.8(rc1). I am going to
release the final by the next weekend if nothing serious happens.
net-mail, please provide fixed ebuilds, thank you. Do you want to wait for
stable (B4 has a target delay of 20days, btw)?
net-mail team is not interested in maintain this package. It has a list of open
bugs ( http://tinyurl.com/fhhet ) and we don't have enough man power to test it
with every MTAs that mailman supports. Please find a new maintainer or
package.mask --> remove it from the tree.
Best regards,
Tuan V.
core mailed about new maintainer.
*** Bug 124624 has been marked as a duplicate of this bug. ***
mholzer/hanno please update maintainer information in metadata.xml
Arches please test and mark mailman-2.1.8_rc1 stable.
This one is ready for GLSA decision. I tend to vote NO.
