[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 148-1] sympa security update

Package        : sympa
Version        : 6.0.1+dfsg-4+squeeze3
CVE ID         : CVE-2015-1306

A vulnerability has been discovered in the web interface of sympa, a
mailing list manager. An attacker could take advantage of this flaw in
the newsletter posting area, which allows sending to a list, or to
oneself, any file located on the server filesystem and readable by the
sympa user.

Attachment: signature.asc
Description: Digital signature

Reply to: