Synopsis: Moderate: mailman security and bug fix update
Advisory ID: SLSA-2020:1054-1
Issue Date: 2020-04-07
CVE Numbers: CVE-2018-0618
CVE-2018-13796
--
* mailman: Cross-site scripting vulnerability allows malicious listowners
to inject scripts into listinfo pages
* mailman: Mishandled URLs in Utils.py:GetPathPieces() allows attackers to
display arbitrary text on trusted sites
--
SL7
x86_64
mailman-2.1.15-30.el7.x86_64.rpm
mailman-debuginfo-2.1.15-30.el7.x86_64.rpm
- Scientific Linux Development Team
|