mailman:2.1 security update
エラータID: AXSA:2021-2169:01
Mailman is a program used to help manage e-mail discussion lists.
Security Fix(es):
* mailman: arbitrary content injection via the options login page (CVE-2020-12108)
* mailman: arbitrary content injection via the private archive login page (CVE-2020-15011)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2020-12108
/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection.
CVE-2020-15011
GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page.
Modularity name: mailman
Stream name: 2.1
Update packages.
GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page.
N/A
SRPMS
- mailman-2.1.29-11.module+el8+1255+c5fd5869.src.rpm
MD5: 63b2e3f5f7cf5f3ab08718335ff45569
SHA-256: 59d06f84d674d99530d77ce6db39c5d6a258f68b793ff96a8de910986cbc74d6
Size: 9.02 MB
Asianux Server 8 for x86_64
- mailman-2.1.29-11.module+el8+1255+c5fd5869.x86_64.rpm
MD5: 73572a9ad043b26f1465cedee821d954
SHA-256: 19872274d46df289b2762fa97186c60d7fe714a56c69366bdc1ef9050e80dade
Size: 5.99 MB - mailman-debugsource-2.1.29-11.module+el8+1255+c5fd5869.x86_64.rpm
MD5: f75bc89a0f6ad15e8663c2374b9e7937
SHA-256: 9016a06e3cfac95068d9d5b7863fca5b1b0880112675e6484ec4c2475178468a
Size: 36.91 kB