Re: [SECURITY] [DSA 1027-1] New mailman packages fix denial of service
On Thu, Apr 06, 2006 at 10:22:22AM +0200, Martin Schulze wrote:
> --------------------------------------------------------------------------
> Debian Security Advisory DSA 1027-1 security@debian.org
> http://www.debian.org/security/ Steve Kemp
> April 6th, 2006 http://www.debian.org/security/faq
> --------------------------------------------------------------------------
> Package : mailman
> Vulnerability : programming error
> CVE ID : CVE-2006-0052
> Debian Bug : 358892
> A potential denial of service problem has been discovered in mailman,
> the web-based GNU mailing list manager. The (failing) parsing of
> messages with malformed mime multiparts sometimes caused the whole
> mailing list to become inoperative.
> For the unstable distribution (sid) this problem will be fixed soon.
No, it has been fixed on Sun, 25 Dec 2005 (unknowingly) with the
upload of 2.1.6-1.
--
Lionel
Reply to: