[ubuntu/hardy-security] mailman, mailman_2.1.9-9ubuntu1.4_powerpc_translations.tar.gz, mailman_2.1.9-9ubuntu1.4_ia64_translations.tar.gz, mailman_2.1.9-9ubuntu1.4_sparc_translations.tar.gz (delayed), mailman_2.1.9-9ubuntu1.4_hppa_translations.tar.gz, mailman_2.1.9-9ubuntu1.4_amd64_translations.tar.gz, mailman_2.1.9-9ubuntu1.4_i386_translations.tar.gz, mailman_2.1.9-9ubuntu1.4_lpia_translations.tar.gz 1:2.1.9-9ubuntu1.4 (Accepted)

Ubuntu Installer archive at ubuntu.com
Tue Feb 22 20:06:55 UTC 2011


mailman (1:2.1.9-9ubuntu1.4) hardy-security; urgency=low

  * SECURITY UPDATE: Cross-Site Scripting vulnerability in confirm.py
    - debian/patches/101_CVE-2011-0707.patch: properly clean strings in
      Mailman/Cgi/confirm.py.
    - CVE-2011-0707
  * SECURITY UPDATE: Cross-Site Scripting vulnerabilities in list
    information and description fields
    - debian/patches/102_CVE-2010-3089.patch: properly clean strings in
      Mailman/Cgi/{listinfo,HTMLFormatter,Utils}.py.
    - CVE-2010-3089

Date: Thu, 17 Feb 2011 10:10:41 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/mailman/1:2.1.9-9ubuntu1.4
-------------- next part --------------
Format: 1.7
Date: Thu, 17 Feb 2011 10:10:41 -0500
Source: mailman
Binary: mailman
Architecture: source
Version: 1:2.1.9-9ubuntu1.4
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 mailman    - Powerful, web-based mailing list manager
Changes: 
 mailman (1:2.1.9-9ubuntu1.4) hardy-security; urgency=low
 .
   * SECURITY UPDATE: Cross-Site Scripting vulnerability in confirm.py
     - debian/patches/101_CVE-2011-0707.patch: properly clean strings in
       Mailman/Cgi/confirm.py.
     - CVE-2011-0707
   * SECURITY UPDATE: Cross-Site Scripting vulnerabilities in list
     information and description fields
     - debian/patches/102_CVE-2010-3089.patch: properly clean strings in
       Mailman/Cgi/{listinfo,HTMLFormatter,Utils}.py.
     - CVE-2010-3089
Files: 
 610063181cf5ee4314d2df4af31c62c5 1669 mail optional mailman_2.1.9-9ubuntu1.4.dsc
 e5ed6d3259079e68a5ee38fdd47a907d 158439 mail optional mailman_2.1.9-9ubuntu1.4.diff.gz
Original-Maintainer: Mailman for Debian <pkg-mailman-hackers at lists.alioth.debian.org>


More information about the Hardy-changes mailing list