mailman 1:2.1.26-1ubuntu0.4 source package in Ubuntu
Changelog
mailman (1:2.1.26-1ubuntu0.4) bionic-security; urgency=medium
* SECURITY UPDATE: Potential Privilege escalation via the user
options page. (LP: #1947639)
- debian/patches/CVE-2021-42096-CVE-2021-42097.patch: Always make
the CSRF token for the user
- CVE-2021-42096
* SECURITY UPDATE: Potential CSRF attack via the user options page
(LP: #1947640)
- debian/patches/CVE-2021-42096-CVE-2021-42097.patch: ensure token
is for the user whose option page is being requested
- CVE-2021-42097
-- Steve Beattie <email address hidden> Thu, 21 Oct 2021 14:24:48 -0700
Upload details
- Uploaded by:
- Steve Beattie
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| mailman_2.1.26.orig.tar.gz | 8.8 MiB | 240177e1ef561ede88d7b48283c3835f39bbd0b1ae19100d3520cbe43058339f |
| mailman_2.1.26-1ubuntu0.4.debian.tar.xz | 103.9 KiB | a4656f80e609b13c9f9a83c72292bf39bad176c6ee03f6c65de81ecab6667cbc |
| mailman_2.1.26-1ubuntu0.4.dsc | 2.1 KiB | a0e650c64542ab4f853388a29698f0714e465618f73aed2c3a873b4219a97c87 |
Available diffs
Binary packages built by this source
- mailman: Web-based mailing list manager (legacy branch)
The GNU Mailing List Manager, which manages email discussion lists.
Mailman gives each mailing list a web page, and allows users to
subscribe, unsubscribe, etc. over the web. The list manager can
administer his or her list entirely from the web.
.
Mailman also integrates most things people want to do with mailing
lists, including archiving, mail <-> news gateways, and so on. It
has all of the features you expect from such a product, plus
integrated support for the web (including web based archiving),
automated bounce handling and integrated spam prevention.
.
Note that this package contains the legacy (2.x) branch of Mailman.
All new development happens in the Mailman 3 suite, available in
Debian via the mailman3 metapackage.
- mailman-dbgsym: debug symbols for mailman
