UbuntuUpdates.org

Package "mailman"

Name: mailman

Description:

Web-based mailing list manager (legacy branch)

Latest version: 1:2.1.26-1ubuntu0.6
Release: bionic (18.04)
Level: security
Repository: main
Homepage: http://www.list.org/


Other versions of "mailman" in Bionic

Repository   Area   Version
base         main   1:2.1.26-1
updates      main   1:2.1.26-1ubuntu0.6

Changelog

Version: 1:2.1.26-1ubuntu0.6 2021-12-07 20:07:09 UTC

  mailman (1:2.1.26-1ubuntu0.6) bionic-security; urgency=medium

  * SECURITY UPDATE: CSRF attack against a list admin
    - debian/patches/CVE-2021-44227.patch: don't allow unprivileged tokens
      for admin or admindb in Mailman/CSRFcheck.py, Mailman/Cgi/admin.py,
      Mailman/Cgi/admindb.py, Mailman/Cgi/edithtml.py.
    - CVE-2021-44227

 -- Marc Deslauriers <email address hidden> Tue, 07 Dec 2021 10:56:56 -0500

CVE-2021-44227 In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin passwo

Version: 1:2.1.26-1ubuntu0.5 2021-11-18 15:06:23 UTC

  mailman (1:2.1.26-1ubuntu0.5) bionic-security; urgency=medium

  * SECURITY UPDATE: XSS vulnerability
    - debian/patches/CVE-2021-43331.patch: sanitize URL from user
      option page in Mailman/Cgi/options.py.
    - CVE-2021-43331
  * SECURITY UPDATE: CSRF attack
    - debian/patches/CVE-2021-43332.patch: checks authorizations
      in Mailman/CSRFcheck.py, Mailman/Cgi/admindb.py.
    - CVE-2021-43332

 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 17 Nov 2021 09:29:36 -0300

CVE-2021-43331 In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS.
CVE-2021-43332 In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could

Version: 1:2.1.26-1ubuntu0.4 2021-10-22 06:06:17 UTC

  mailman (1:2.1.26-1ubuntu0.4) bionic-security; urgency=medium

  * SECURITY UPDATE: Potential Privilege escalation via the user
    options page. (LP: #1947639)
    - debian/patches/CVE-2021-42096-CVE-2021-42097.patch: Always make
      the CSRF token for the user
    - CVE-2021-42096
  * SECURITY UPDATE: Potential CSRF attack via the user options page
    (LP: #1947640)
    - debian/patches/CVE-2021-42096-CVE-2021-42097.patch: ensure token
      is for the user whose option page is being requested
    - CVE-2021-42097

 -- Steve Beattie <email address hidden> Thu, 21 Oct 2021 14:24:48 -0700

1947639 Potential Privilege escalation via the user options page.
1947640 Potential CSRF attack via the user options page.
CVE-2021-42096 GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in
CVE-2021-42097 GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain

Version: 1:2.1.26-1ubuntu0.3 2020-06-29 15:06:21 UTC

  mailman (1:2.1.26-1ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: Arbitrary Content Injection
    - debian/patches/CVE-2020-15011.diff: checks if the
      roster is private and, if so, logs the info in Mailman/Cgi/private.py.
    - CVE-2020-15011

 -- <email address hidden> (Leonidas S. Barbosa) Thu, 25 Jun 2020 15:20:16 -0300

CVE-2020-15011 GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page.

Version: 1:2.1.26-1ubuntu0.2 2020-05-11 14:06:45 UTC

  mailman (1:2.1.26-1ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Arbitrary Content Injection
    - debian/patches/CVE-2020-12108.diff: removed
      safeusers variable that allows arbitrary content
      to be injected in Mailman/Cgi/options.py.
    - CVE-2020-12108

 -- <email address hidden> (Leonidas S. Barbosa) Thu, 07 May 2020 09:51:53 -0300

CVE-2020-12108 /options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection.