Re: [SECURITY] [DSA 1027-1] New mailman packages fix denial of service

To: security@debian.org
Cc: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 1027-1] New mailman packages fix denial of service
From: Lionel Elie Mamane <lionel@mamane.lu>
Date: Thu, 6 Apr 2006 11:07:08 +0200
Message-id: <[🔎] 20060406090708.GA2162@capsaicin.mamane.lu>
Mail-followup-to: security@debian.org, debian-security@lists.debian.org
In-reply-to: <m1FRPl0-000og4C@finlandia.Infodrom.North.DE>
References: <m1FRPl0-000og4C@finlandia.Infodrom.North.DE>

On Thu, Apr 06, 2006 at 10:22:22AM +0200, Martin Schulze wrote:
> --------------------------------------------------------------------------
> Debian Security Advisory DSA 1027-1                    security@debian.org
> http://www.debian.org/security/                                 Steve Kemp
> April 6th, 2006                         http://www.debian.org/security/faq
> --------------------------------------------------------------------------

> Package        : mailman
> Vulnerability  : programming error
> CVE ID         : CVE-2006-0052
> Debian Bug     : 358892

> A potential denial of service problem has been discovered in mailman,
> the web-based GNU mailing list manager.  The (failing) parsing of
> messages with malformed mime multiparts sometimes caused the whole
> mailing list to become inoperative.

> For the unstable distribution (sid) this problem will be fixed soon.

No, it has been fixed on Sun, 25 Dec 2005 (unknowingly) with the
upload of 2.1.6-1.

-- 
Lionel

Reply to:

Prev by Date: Re: [SECURITY] [DSA 1024-1] New clamav packages fix several vulnerabilities
Next by Date: Re: [SECURITY] [DSA 1018-2] New Linux kernel 2.4.27 packages fix several vulnerabilities
Previous by thread: Re: [SECURITY] [DSA 1024-1] New clamav packages fix several vulnerabilities
Next by thread: Re: [SECURITY] [DSA 1018-2] New Linux kernel 2.4.27 packages fix several vulnerabilities
Index(es):
- Date
- Thread