[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: mailman 2.1.5-8sarge3: screwup between security and maintainer upload

* Martin Schulze:

> Imho, it's more useful to upload 2.1.5-8sarge4 and only bump the
> version number to get the new version built for all architectures into
> the archive.

While you are at it, you could also include this patch:

Revision: 8001
Author:   bwarsaw
Date:     2006-08-30 07:54:22 -0700 (Wed, 30 Aug 2006)

Log Message:
CVE-2006-3636.  Fixes for various cross-site scripting issues.  Discovery by
Moritz Naumann and most of the repair work done by Mark Sapiro (with some
additional work by Barry).

Reply to: