RE: [SECURITY] [DSA 436-1] New mailman packages fix several vulnerabilities

To: debian-devel@lists.debian.org
Subject: RE: [SECURITY] [DSA 436-1] New mailman packages fix several vulnerabilities
From: "Julian Mehnle" <bulk@mehnle.net>
Date: Tue, 24 Feb 2004 02:57:37 +0100
Message-id: <[🔎] EHEOIEJMBFBKCKMPHFJKEEIMFDAA.bulk@mehnle.net>
Reply-to: julian@mehnle.net
In-reply-to: <[🔎] 20040223175738.GC20928@alcor.net>

Matt Zimmerman wrote:
> On Sun, Feb 22, 2004 at 03:07:20PM +0100, Julian Mehnle wrote:
> > As far as I can see from the CAN, CAN-2003-0991 had already been
> > fixed in 
> > 2.0.14.  Is this really an unfixed security vulnerability in the
> > version that is currently in unstable (2.1.4-1)?
> 
> mailman 2.0.14 (2004-02) postdates mailman 2.1.4 (2003-12).

Thanks for the hint.  So, CAN-2003-0991 is effectively unfixed in the mailman packages that are currently in unstable (and testing), correct?  Are there any plans to fix the vulnerability soon?  Tollef?

Reply to:

Follow-Ups:
- Re: [SECURITY] [DSA 436-1] New mailman packages fix several vulnerabilities
  - From: Tollef Fog Heen <tfheen@raw.no>

References:
- Re: [SECURITY] [DSA 436-1] New mailman packages fix several vulnerabilities
  - From: Matt Zimmerman <mdz@debian.org>

Prev by Date: Re: Debian needs more buildds. It has offers. They aren't being accepted.
Next by Date: Re: Debian packages
Previous by thread: Re: [SECURITY] [DSA 436-1] New mailman packages fix several vulnerabilities
Next by thread: Re: [SECURITY] [DSA 436-1] New mailman packages fix several vulnerabilities
Index(es):
- Date
- Thread