mailman
No description set
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout home:bastianfriedrich/mailman && cd $_ - Create Badge
Refresh
Refresh
Source Files
| Filename | Size | Changed |
|---|---|---|
| README.SUSE | 0000005548 5.42 KB | |
| aliases | 0000000127 127 Bytes | |
| logrotate.mailman | 0000000747 747 Bytes | |
| mailman-2.1-manpages.tgz | 0000007004 6.84 KB | |
| mailman-2.1.14-editarch.patch | 0000025933 25.3 KB | |
| mailman-2.1.14-misc-PACKAGES.diff | 0000001102 1.08 KB | |
| mailman-2.1.14-python.dif | 0000001599 1.56 KB | |
| mailman-2.1.26-list_lists.patch | 0000002062 2.01 KB | |
| mailman-2.1.39.tgz | 0009508474 9.07 MB | |
| mailman-2.1.39.tgz.sig | 0000000095 95 Bytes | |
| mailman-2.1.4-dirmode.patch | 0000002809 2.74 KB | |
| mailman-2.1.4-notavaliduser.patch | 0000000591 591 Bytes | |
| mailman-2.1.5-no_extra_asian.dif | 0000000984 984 Bytes | |
| mailman-apache2.conf | 0000001343 1.31 KB | |
| mailman-generate-sysconfig | 0000005728 5.59 KB | |
| mailman-rpmlintrc | 0000000081 81 Bytes | |
| mailman-update-cfg | 0000000436 436 Bytes | |
| mailman-weak-password.diff | 0000000679 679 Bytes | |
| mailman-wrapper.patch | 0000004484 4.38 KB | |
| mailman.changes | 0000039685 38.8 KB | |
| mailman.keyring | 0000009961 9.73 KB | |
| mailman.service | 0000000581 581 Bytes | |
| mailman.sgidlist | 0000000426 426 Bytes | |
| mailman.spec | 0000013307 13 KB | |
| mm-text.png | 0000000216 216 Bytes | |
| rcmailman | 0000004970 4.85 KB | |
| reproducible.patch | 0000000577 577 Bytes | |
| sysconfig.mailman | 0000002493 2.43 KB | |
| systemd-units.tar.xz | 0000001744 1.7 KB |
Latest Revision
Bastian Friedrich (bastianfriedrich)
committed
(revision 1)
- Update to 2.1.39
- Update to 2.1.37
- A bug in the fix for CVE-2021-43332 has been fixed. (LP: #1950833)
- Fixed a potential XSS attack via the user options page CVE-2021-43331)
- Fixed a potential for a list moderator to carry out an off-line
brute force attack to obtain the list admin password
CVE-2021-43332 (LP: #1949403)
- Update to 2.1.35 to fix 2 security issues:
- A potential for for a list member to carry out an off-line brute force
attack to obtain the list admin password has been reported by Andre
Protas, Richard Cloke and Andy Nuttall of Apple. This is fixed.
CVE-2021-42096 (boo#1191959, LP:#1947639)
- A CSRF attack via the user options page could allow takeover of a users
account. This is fixed. CVE-2021-42097 (boo#1191960, LP:#1947640)
- Update to 2.1.34:
- The fix for lp#1859104 can result in ValueError being thrown
on attempts to subscribe to a list. This is fixed and
extended to apply REFUSE_SECOND_PENDING to unsubscription as
well. (lp#1878458)
- DMARC mitigation no longer misses if the domain name returned
by DNS contains upper case. (lp#1881035)
- A new WARN_MEMBER_OF_SUBSCRIBE setting can be set to No to
prevent mailbombing of a member of a list with private
rosters by repeated subscribe attempts. (lp#1883017)
- Very long filenames for scrubbed attachments are now
truncated. (lp#1884456)
Comments 0