-
mailman (1:2.1.14-3ubuntu0.4) precise-security; urgency=medium
* SECURITY UPDATE: CSRF vulnerability in the admin interface
- debian/patches/CVE-2016-7123.patch: add CSRF checks to
Mailman/CSRFcheck.py, Mailman/Cgi/admin.py, Mailman/Defaults.py.in,
Mailman/htmlformat.py.
- CVE-2016-7123
* SECURITY UPDATE: CSRF vulnerability in the user options page
- debian/patches/CVE-2016-6893.patch: add CSRF checks to
Mailman/Cgi/admindb.py, Mailman/Cgi/edithtml.py,
Mailman/Cgi/options.py, Mailman/HTMLFormatter.py,
Mailman/htmlformat.py.
- CVE-2016-6893
-- Marc Deslauriers <email address hidden> Fri, 28 Oct 2016 15:19:14 -0400
-
mailman (1:2.1.14-3ubuntu0.2) precise-security; urgency=medium
* SECURITY UPDATE: path traversal vulnerability
- debian/patches/CVE-2015-2775.patch: validate list name in
Mailman/Utils.py, add comment to Mailman/Defaults.py.in.
- CVE-2015-2775
-- Marc Deslauriers <email address hidden> Fri, 03 Apr 2015 08:39:37 -0400
-
mailman (1:2.1.14-3ubuntu0.1) precise-proposed; urgency=low
* Ensure clean, unprompted upgrades of mailman from previous
releases (LP: #911244):
- d/preinst.in: Cherry picked update from most recent packaging to
remove any unmanaged+unchanged versions of /etc/cron.d/mailman prior
to installation of the new, managed version.
-- James Page <email address hidden> Fri, 13 Jul 2012 08:42:33 +0100
-
mailman (1:2.1.14-3) unstable; urgency=low
* Make man page descruptions match more keywords (closes: #597112).
* Add cull_bad_shunt command to default cron job (closes: #615204)
and improve cron job handling in the package.
* Import dpkg buildflags, also enabling hardening features.
* Remove gate_news debconf question.
-- Ubuntu Archive Auto-Sync <email address hidden> Wed, 19 Oct 2011 09:20:03 +0000
-
mailman (1:2.1.14-2) unstable; urgency=low
[ Thijs Kinkhorst ]
* Move mail-transport-agent to Recommends, since Mailman can be
configured to run with a remote MTA (closes: #616292).
* Update to policy 3.9.2, add build-{arch,indep} targets.
[ Thorsten Glaser ]
* Add myself to Uploaders, as suggested by Thijs.
* Apply patch from Barry Warsaw to switch from python-support
to dh_python2. (LP: #788514) (Closes: #637398)
-- Thijs Kinkhorst <email address hidden> Wed, 17 Aug 2011 12:00:50 +0000
-
mailman (1:2.1.14-1ubuntu2) oneiric; urgency=low
* Fix Python dependencies in resulting deb. (LP: #826795)
-- Barry Warsaw <email address hidden> Mon, 15 Aug 2011 15:03:30 -0400