From ${URL} : A security vulnerability in Mailman has been found and fixed. It has been assigned CVE-2015-2775. The details of this vulnerability and fix will be announced next Tuesday, 31 March 2015, at which time both a patch for this specific vulnerability and Mailman 2.1.20 will be released. In addition to this security fix, Mailman 2.1.20 includes a new feature allowing a list owner to change a list member's address through the admin Membership Management... Section, and a couple of minor bug fixes. The new feature is a fix for <https://launchpad.net/bugs/266809>. The bugs fixed are: <https://launchpad.net/bugs/1426825>, <https://launchpad.net/bugs/1426829> and <https://launchpad.net/bugs/1427389>. The security vulnerability, the details of which are currently private, is <https://launchpad.net/bugs/1437145>. The security vulnerability only affects those installations which use Exim, Postfix's postfix_to_mailman.py or similar programmatic (not aliases) MTA delivery to Mailman, and have untrusted local users on the Mailman server. @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Bumped, please stabilize mailman-2.1.20, target keywords: KEYWORDS="amd64 ppc x86" This is upstream's description of the vuln: - A path traversal vulnerability has been discovered and fixed. This vulnerability is only exploitable by a local user on a Mailman server where the suggested Exim transport, the Postfix postfix_to_mailman.py transport or some other programmatic MTA delivery not using aliases is employed. CVE-2015-2775 (LP: #1437145)
Stable for amd64/ppc/x86
Arches, Thank you for your work. Maintainer(s), please drop the vulnerable version(s). GLSA Vote: No
CVE-2015-2775 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2775): Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
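The traversal class described in the NVD entry above, as an added illustration that is not Mailman's own code and not its fix: a programmatic transport (the Exim transport or postfix_to_mailman.py) derives a list name from the recipient's local part and turns it into a path under the lists directory, so an unvalidated list name containing ".." walks out of that directory. The lists directory, the list-name pattern and the set of address suffixes below are assumptions for the example.

```python
import posixpath
import re

# Assumed location of per-list data for this example; the real path depends
# on the installation.
LISTS_DIR = "/var/lib/mailman/lists"

# Assumed whitelist for list names: leading alphanumeric, then alphanumerics,
# dot, underscore or hyphen. No slash can get through, and ".." on its own is
# rejected by the leading-character rule.
LIST_NAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*$")

# Assumed subcommand suffixes a transport strips from the local part.
SUFFIXES = ("-admin", "-bounces", "-confirm", "-join", "-leave",
            "-owner", "-request", "-subscribe", "-unsubscribe")


def list_name_from_local_part(local_part):
    """Strip one subcommand suffix (e.g. 'mylist-request' -> 'mylist')."""
    for suffix in SUFFIXES:
        if local_part.endswith(suffix):
            return local_part[:-len(suffix)]
    return local_part


def escapes_lists_dir(path):
    """True when a normalised path is not inside LISTS_DIR."""
    return posixpath.commonpath([LISTS_DIR, path]) != LISTS_DIR


def unsafe_list_path(listname):
    """Vulnerable pattern: the list name is joined into a filesystem path with
    no validation, so '..' components resolve outside LISTS_DIR."""
    return posixpath.normpath(posixpath.join(LISTS_DIR, listname))


def safe_list_path(listname):
    """Hardened pattern: whitelist the name first, then confirm the resolved
    path is still under LISTS_DIR. Returns None for anything that fails."""
    if not LIST_NAME_RE.match(listname):
        return None
    path = posixpath.normpath(posixpath.join(LISTS_DIR, listname))
    if escapes_lists_dir(path):
        return None
    return path


def deliver_target(local_part):
    """What a hardened transport would hand to Mailman for a given local part:
    the list directory, or None when the address must be rejected."""
    return safe_list_path(list_name_from_local_part(local_part))


if __name__ == "__main__":
    # Constructed inputs: one ordinary list address and one traversal attempt.
    for local in ("mylist-request", "../../../etc/cron.d"):
        name = list_name_from_local_part(local)
        print(local, "->", unsafe_list_path(name), "|", deliver_target(local))
```

The whitelist alone is enough to block traversal here; the commonpath check is kept as a second, independent guard so that a later relaxation of the pattern cannot silently reopen the hole.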
It has been 30 days+ since cleanup requested. Maintainer(s), please drop the vulnerable version(s).
GLSA Vote: No
cleanup done.
Maintainer(s), Thank you for the cleanup.