[ubuntu/karmic-security] mailman_2.1.12-2ubuntu0.2_armel_translations.tar.gz, mailman_2.1.12-2ubuntu0.2_lpia_translations.tar.gz, mailman, mailman_2.1.12-2ubuntu0.2_amd64_translations.tar.gz, mailman_2.1.12-2ubuntu0.2_i386_translations.tar.gz, mailman_2.1.12-2ubuntu0.2_sparc_translations.tar.gz (delayed), mailman_2.1.12-2ubuntu0.2_ia64_translations.tar.gz, mailman_2.1.12-2ubuntu0.2_powerpc_translations.tar.gz 1:2.1.12-2ubuntu0.2 (Accepted)

Ubuntu Installer archive at ubuntu.com
Tue Feb 22 20:05:51 UTC 2011


mailman (1:2.1.12-2ubuntu0.2) karmic-security; urgency=low

  * SECURITY UPDATE: Cross-Site Scripting vulnerability in confirm.py
    - debian/patches/80_CVE-2011-0707.patch: properly clean strings in
      Mailman/Cgi/confirm.py.
    - CVE-2011-0707
  * SECURITY UPDATE: Cross-Site Scripting vulnerabilities in list
    information and description fields
    - debian/patches/81_CVE-2010-3089.patch: properly clean strings in
      Mailman/Cgi/{listinfo,HTMLFormatter,Utils}.py.
    - CVE-2010-3089

Date: Thu, 17 Feb 2011 10:05:20 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/mailman/1:2.1.12-2ubuntu0.2
-------------- next part --------------
Format: 1.8
Date: Thu, 17 Feb 2011 10:05:20 -0500
Source: mailman
Binary: mailman
Architecture: source
Version: 1:2.1.12-2ubuntu0.2
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 mailman    - Powerful, web-based mailing list manager
Changes: 
 mailman (1:2.1.12-2ubuntu0.2) karmic-security; urgency=low
 .
   * SECURITY UPDATE: Cross-Site Scripting vulnerability in confirm.py
     - debian/patches/80_CVE-2011-0707.patch: properly clean strings in
       Mailman/Cgi/confirm.py.
     - CVE-2011-0707
   * SECURITY UPDATE: Cross-Site Scripting vulnerabilities in list
     information and description fields
     - debian/patches/81_CVE-2010-3089.patch: properly clean strings in
       Mailman/Cgi/{listinfo,HTMLFormatter,Utils}.py.
     - CVE-2010-3089
Checksums-Sha1: 
 d28d57c0a4757a6dcf7a7400fc51076e94e28be7 2078 mailman_2.1.12-2ubuntu0.2.dsc
 32596249116d2aaee8d7dc2f8dc20e6a41ebe04d 129415 mailman_2.1.12-2ubuntu0.2.diff.gz
Checksums-Sha256: 
 f6cd860dbe6257a6473ff2040dd8a0fe3e485ab9435e1c7073674e804a9ff81e 2078 mailman_2.1.12-2ubuntu0.2.dsc
 673c886b0b8c7c9f3b46b2b6cd5878521d513a575200ea8532d27dec26e6ce93 129415 mailman_2.1.12-2ubuntu0.2.diff.gz
Files: 
 5fd10464412a48d0875610cd9e0c2a19 2078 mail optional mailman_2.1.12-2ubuntu0.2.dsc
 ee767ed05a51dc926f2402f9c5592cea 129415 mail optional mailman_2.1.12-2ubuntu0.2.diff.gz
Original-Maintainer: Mailman for Debian <pkg-mailman-hackers at lists.alioth.debian.org>


More information about the Karmic-changes mailing list