[SECURITY] [DLA 3049-1] mailman security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 3049-1] mailman security update
From: Sylvain Beucler <beuc@beuc.net>
Date: Thu, 9 Jun 2022 12:14:15 +0200
Message-id: <[🔎] 20220609101415.GA21919@mail.beuc.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3049-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Sylvain Beucler
June 09, 2022                                 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : mailman
Version        : 1:2.1.23-1+deb9u8
CVE ID         : CVE-2021-43331 CVE-2021-43332 CVE-2021-44227
Debian Bug     : 1000367 1001685

Several vulnerabilities were discovered in Mailman, a web-based
mailing list manager. An attacker could impersonate more privileged
accounts through different vectors.

CVE-2021-43331

    A crafted URL to the Cgi/options.py user options page can execute
    arbitrary JavaScript for XSS. (Closes: #1000367)

CVE-2021-43332

    The CSRF token for the Cgi/admindb.py admindb page contains an
    encrypted version of the list admin password. This could
    potentially be cracked by a moderator via an offline brute-force
    attack.

CVE-2021-44227

    A list member or moderator can get a CSRF token and craft an admin
    request (using that token) to set a new admin password or make
    other changes.

For Debian 9 stretch, these problems have been fixed in version
1:2.1.23-1+deb9u8.

We recommend that you upgrade your mailman packages.

For the detailed security status of mailman please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/mailman

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE1vEOfV7HXWKqBieIDTl9HeUlXjAFAmKhx2YACgkQDTl9HeUl
XjCYCBAAtNlmfPE8FFLkTIVcvZsBl17iDLGgzp1Hm7+35XimcAFWLqioywzTvStQ
8I00MMAHTg9rZW/VFiC+idd1mcTy7L+dDnPh6DiyduGm9xzCoHfy4uB9o+lO9YYe
kSc7icMbtPQeCn81GgmFIG4BrGNM7lTdYynzb0mSzQA3kvd21eGsXDjlGnGDRv2M
ok0XMc/phDDeQ/D9tdO1qGSVkCAhAjVNbcfKtDifH2Nx2TrmaO9ZzbhNGkE8oeNV
SgM1i7xZ5zkTIoOcqXUHceqP1n4WMtRD0AzXDFsuh4nWI4VxneJzryExb0OTCy2y
YGuUt/E3970QR58u0WS0qerRlQ43J1S2H287/g8ZwEoLb1T83hVStqAK+pWPOjSC
9h63kwFXYJoeUikIqGUPkZW4ugqLhVt4L2lMgumdj00M87CURnwmSCYUM0kNCJq6
VH8LUroBH1n0Ry1eC0/joZQti9hkJPE/uzf2cTACF8OZFGs5nFN9DRWdLhfuE8uV
CbqNR8UrJqtMYer9j2gcxKu36PKe5CTacFhjeZRObwj7HAYYpFwt8RmjjecZyMnI
328/OE2SwUBHNnf1KUnWD7uI1lwDh8mIEFZShJFpGMtfPEWQMITVXs+94g54fwuL
N77262H49d5sw/9TlagoU7rsEDm0rshzeRsH0BXe9dHsbWzqz1Y=
=Rz9G
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3048-1] python-bottle security update
Next by Date: [SECURITY] [DLA 3050-1] vlc security update
Previous by thread: [SECURITY] [DLA 3048-1] python-bottle security update
Next by thread: [SECURITY] [DLA 3050-1] vlc security update
Index(es):
- Date
- Thread