Gentoo Forums :: View topic - [gentoo-security] GLSA: mailman

[gentoo-security] GLSA: mailman

View unanswered posts
View posts from last 24 hours

Gentoo Forums Forum Index

News & Announcements

View previous topic :: View next topic

Author

Message

pjp
Administrator

Joined: 16 Apr 2002
Posts: 20589

Posted: Tue Feb 18, 2003 2:18 pm Post subject: [gentoo-security] GLSA: mailman

Daniel Ahlberg wrote:

- - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200302-05
- - ---------------------------------------------------------------------

PACKAGE : mailman
SUMMARY : cross site scripting
DATE : 2003-02-17 09:16 UTC
EXPLOIT : remote

- - ---------------------------------------------------------------------

The email variable and the default error page in mailmain 2.1 contains
cross site scripting vulnerabilities.

Read the full advisory at:
http://marc.theaimsgroup.com/?l=bugtraq&m=104342745916111&w=2

SOLUTION

It is recommended that all Gentoo Linux users who are running
net-mail/mailman upgrade to mailman-2.1.1 as follows:

emerge sync
emerge -u mailman
emerge clean

- - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at http://cvs.gentoo.org/~aliz
- - ---------------------------------------------------------------------

Mailing List Archive: Unavailable
_________________
Quis separabit? Quo animo?

Display posts from previous:

	Gentoo Forums Forum Index News & Announcements	All times are GMT
Page 1 of 1

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy