[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: [SECURITY] [DSA 436-1] New mailman packages fix several vulnerabilities

Matt Zimmerman wrote:
> On Sun, Feb 22, 2004 at 03:07:20PM +0100, Julian Mehnle wrote:
> > As far as I can see from the CAN, CAN-2003-0991 had already been
> > fixed in 
> > 2.0.14.  Is this really an unfixed security vulnerability in the
> > version that is currently in unstable (2.1.4-1)?
> mailman 2.0.14 (2004-02) postdates mailman 2.1.4 (2003-12).

Thanks for the hint.  So, CAN-2003-0991 is effectively unfixed in the mailman packages that are currently in unstable (and testing), correct?  Are there any plans to fix the vulnerability soon?  Tollef?

Reply to: