severity 803161 normal thanks * Dominik George:
> Severity: critical > Tags: security > Justification: root security hole > > The log files of mailman, residing in /var/lib/mailman/log and in > /var/log/mailman, and the log directory itself are created > world-readable by default. This discloses sensitive information about > list users, for example e-mail addresses and full names in the subscribe > log, to all unprivileged system users that have shell or filesystem > access. This issue can be considered a security vulnerability, but it is certainly not a rot security hole, hence lowering the severity. Florian