Format: 1.8
Date: Thu, 06 Oct 2016 11:27:40 -0400
Source: mailman
Binary: mailman
Architecture: source
Version: 1:2.1.16-2ubuntu0.2
Distribution: trusty-security
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 mailman    - Powerful, web-based mailing list manager
Changes: 
 mailman (1:2.1.16-2ubuntu0.2) trusty-security; urgency=medium
 .
   * SECURITY UPDATE: CSRF vulnerability in the user options page
     - debian/patches/CVE-2016-6893.patch: add CSRF checks to
       Mailman/Cgi/admindb.py, Mailman/Cgi/edithtml.py,
       Mailman/Cgi/options.py, Mailman/HTMLFormatter.py,
       Mailman/htmlformat.py.
     - CVE-2016-6893
Checksums-Sha1: 
 7e419c29a619debeb9b9837da2178f8f66a250e8 2167 mailman_2.1.16-2ubuntu0.2.dsc
 1cc4425be05c497a1915a9578f6b4f615d19d0ad 127113 mailman_2.1.16-2ubuntu0.2.debian.tar.gz
Checksums-Sha256: 
 d2cad3ed7350ecbf1db0159ff3d498ec67e320625c3aeccbbcde7e3d4a24ca32 2167 mailman_2.1.16-2ubuntu0.2.dsc
 d530ba760bb9340fdddbadcf410a367ac2c28b7b146f4f8974eef537bf2c987d 127113 mailman_2.1.16-2ubuntu0.2.debian.tar.gz
Files: 
 b1a0bc1f70a9ac8d6fc7111222a772eb 2167 mail optional mailman_2.1.16-2ubuntu0.2.dsc
 75d40de95d73f873413c615d029f3e71 127113 mail optional mailman_2.1.16-2ubuntu0.2.debian.tar.gz
Original-Maintainer: Mailman for Debian <pkg-mailman-hackers@lists.alioth.debian.org>