[ubuntu/hardy-security] mailman, mailman_2.1.9-9ubuntu1.4_powerpc_translations.tar.gz, mailman_2.1.9-9ubuntu1.4_ia64_translations.tar.gz, mailman_2.1.9-9ubuntu1.4_sparc_translations.tar.gz (delayed), mailman_2.1.9-9ubuntu1.4_hppa_translations.tar.gz, mailman_2.1.9-9ubuntu1.4_amd64_translations.tar.gz, mailman_2.1.9-9ubuntu1.4_i386_translations.tar.gz, mailman_2.1.9-9ubuntu1.4_lpia_translations.tar.gz 1:2.1.9-9ubuntu1.4 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Tue Feb 22 20:06:55 UTC 2011
mailman (1:2.1.9-9ubuntu1.4) hardy-security; urgency=low
* SECURITY UPDATE: Cross-Site Scripting vulnerability in confirm.py
- debian/patches/101_CVE-2011-0707.patch: properly clean strings in
Mailman/Cgi/confirm.py.
- CVE-2011-0707
* SECURITY UPDATE: Cross-Site Scripting vulnerabilities in list
information and description fields
- debian/patches/102_CVE-2010-3089.patch: properly clean strings in
Mailman/Cgi/{listinfo,HTMLFormatter,Utils}.py.
- CVE-2010-3089
Date: Thu, 17 Feb 2011 10:10:41 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/mailman/1:2.1.9-9ubuntu1.4
-------------- next part --------------
Format: 1.7
Date: Thu, 17 Feb 2011 10:10:41 -0500
Source: mailman
Binary: mailman
Architecture: source
Version: 1:2.1.9-9ubuntu1.4
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
mailman - Powerful, web-based mailing list manager
Changes:
mailman (1:2.1.9-9ubuntu1.4) hardy-security; urgency=low
.
* SECURITY UPDATE: Cross-Site Scripting vulnerability in confirm.py
- debian/patches/101_CVE-2011-0707.patch: properly clean strings in
Mailman/Cgi/confirm.py.
- CVE-2011-0707
* SECURITY UPDATE: Cross-Site Scripting vulnerabilities in list
information and description fields
- debian/patches/102_CVE-2010-3089.patch: properly clean strings in
Mailman/Cgi/{listinfo,HTMLFormatter,Utils}.py.
- CVE-2010-3089
Files:
610063181cf5ee4314d2df4af31c62c5 1669 mail optional mailman_2.1.9-9ubuntu1.4.dsc
e5ed6d3259079e68a5ee38fdd47a907d 158439 mail optional mailman_2.1.9-9ubuntu1.4.diff.gz
Original-Maintainer: Mailman for Debian <pkg-mailman-hackers at lists.alioth.debian.org>
More information about the Hardy-changes
mailing list