Accepted mailman 2.1.5-5ubuntu1 (source)
Martin Pitt
martin.pitt at ubuntu.com
Wed Feb 9 15:45:03 CST 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 9 Feb 2005 12:56:46 +0100
Source: mailman
Binary: mailman
Architecture: source
Version: 2.1.5-5ubuntu1
Distribution: hoary
Urgency: low
Maintainer: Tollef Fog Heen <tfheen at debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description:
mailman - Powerful, web-based mailing list manager
Changes:
mailman (2.1.5-5ubuntu1) hoary; urgency=low
.
* SECURITY UPDATE: fix information disclosure
* Added debian/patches/04_CAN-2005-0202.dpatch:
Mailman/Cgi/private.py, true_path(): fix the removal of '..' and '.' from
private mail archive paths to prohibit path traversal (the former version
transformed ".....///" to "../")
* References:
CAN-2005-0202
Files:
3dd10e79498b195594321ed7af56ab41 654 mail optional mailman_2.1.5-5ubuntu1.dsc
2479257e3b24680324ccaf9e82277089 180537 mail optional mailman_2.1.5-5ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFCCfq8DecnbV4Fd/IRAlaDAJ41R86ZOtEuiuFqcqjrKGKJrOzR5wCeP7MY
ntjokJYaoiTNYUHNh2hZMmA=
=XptJ
-----END PGP SIGNATURE-----
Accepted:
mailman_2.1.5-5ubuntu1.diff.gz
to pool/main/m/mailman/mailman_2.1.5-5ubuntu1.diff.gz
mailman_2.1.5-5ubuntu1.dsc
to pool/main/m/mailman/mailman_2.1.5-5ubuntu1.dsc
More information about the hoary-changes
mailing list