Re: Accepted mailman 2.0.11-1woody2 (i386 source)
* Matt Zimmerman
| * Security team NMU
| * Apply security fixes from 2.0.12:
| - Implemented a guard against some reply loops and 'bot
| subscription attacks. Specifically, if a message to -request
| has a Precedence: bulk (or list, or junk) header, the command is
| ignored. Well-behaved 'bots should always include such a
| header.
| .
| - Closed another minor cross-site scripting vulnerability.
as always when NMU-ing, please, please send a patch to the BTS and/or
the maintainer.
--
Tollef Fog Heen ,''`.
UNIX is user friendly, it's just picky about who its friends are : :' :
`. `'
`-
Reply to: