Format: 1.8
Date: Thu, 06 Oct 2016 11:34:25 -0400
Source: mailman
Binary: mailman
Architecture: source
Version: 1:2.1.14-3ubuntu0.3
Distribution: precise-security
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 mailman    - Powerful, web-based mailing list manager
Changes: 
 mailman (1:2.1.14-3ubuntu0.3) precise-security; urgency=medium
 .
   * SECURITY UPDATE: CSRF vulnerability in the admin interface
     - debian/patches/CVE-2016-7123.patch: add CSRF checks to
       Mailman/CSRFcheck.py, Mailman/Cgi/admin.py, Mailman/Defaults.py.in,
       Mailman/htmlformat.py.
     - CVE-2016-7123
   * SECURITY UPDATE: CSRF vulnerability in the user options page
     - debian/patches/CVE-2016-6893.patch: add CSRF checks to
       Mailman/Cgi/admindb.py, Mailman/Cgi/edithtml.py,
       Mailman/Cgi/options.py, Mailman/HTMLFormatter.py,
       Mailman/htmlformat.py.
     - CVE-2016-6893
Checksums-Sha1: 
 44e8dd1d505c58e7c8e2ee805129ee3008edab26 2135 mailman_2.1.14-3ubuntu0.3.dsc
 85c94faafb2b056212488d2b8932846d09182288 107825 mailman_2.1.14-3ubuntu0.3.debian.tar.gz
Checksums-Sha256: 
 9404c2b67f32d278671ae78a0894d901d7785b265b744c6209fc6daa8cdd49cb 2135 mailman_2.1.14-3ubuntu0.3.dsc
 f6e294fe7d24ff469a5737a6aa31886b3f2b9bd84879ab8ffc95c255b03c48fb 107825 mailman_2.1.14-3ubuntu0.3.debian.tar.gz
Files: 
 98fa7db0cb3b39a19c6c72dd0dad2112 2135 mail optional mailman_2.1.14-3ubuntu0.3.dsc
 950f1cf2f804fb01e5cff05c3152552d 107825 mail optional mailman_2.1.14-3ubuntu0.3.debian.tar.gz
Original-Maintainer: Mailman for Debian <pkg-mailman-hackers@lists.alioth.debian.org>