------------------------------------------------------------ revno: 1877 tags: 2.1.36 committer: Mark Sapiro <m...@msapiro.net> branch nick: 2.1 timestamp: Thu 2021-11-11 11:08:02 -0800 message: Bumped branch version to: 2.1.36 modified: Mailman/Version.py NEWS
-- lp:mailman/2.1 https://code.launchpad.net/~mailman-coders/mailman/2.1 Your team Mailman Checkins is subscribed to branch lp:mailman/2.1. To unsubscribe from this branch go to https://code.launchpad.net/~mailman-coders/mailman/2.1/+edit-subscription
=== modified file 'Mailman/Version.py' --- Mailman/Version.py 2021-10-20 00:21:49 +0000 +++ Mailman/Version.py 2021-11-11 19:08:02 +0000 @@ -16,7 +16,7 @@ # USA. # Mailman version -VERSION = '2.1.35' +VERSION = '2.1.36' # And as a hex number in the manner of PY_VERSION_HEX ALPHA = 0xa @@ -28,7 +28,7 @@ MAJOR_REV = 2 MINOR_REV = 1 -MICRO_REV = 35 +MICRO_REV = 36 REL_LEVEL = FINAL # at most 15 beta releases! REL_SERIAL = 0 === modified file 'NEWS' --- NEWS 2021-11-03 19:02:21 +0000 +++ NEWS 2021-11-11 19:08:02 +0000 @@ -5,17 +5,17 @@ Here is a history of user visible changes to Mailman. -2.1.36 (xx-Nov-2021) +2.1.36 (12-Nov-2021) Security - A potential XSS attack via the user options page has been reported by - Harsh Jaiswal. This is fixed. CVE-2021-43331 (LP:#1949401) + Harsh Jaiswal. This is fixed. CVE-2021-43331 (LP: #1949401) - A potential for for a list moderator to carry out an off-line brute force attack to obtain the list admin password has been reported by Andre Protas, Richard Cloke and Andy Nuttall of Apple. This is fixed. - CVE-2021-43332 (LP:#1949403) + CVE-2021-43332 (LP: #1949403) 2.1.35 (19-Oct-2021) @@ -24,10 +24,10 @@ - A potential for for a list member to carry out an off-line brute force attack to obtain the list admin password has been reported by Andre Protas, Richard Cloke and Andy Nuttall of Apple. This is fixed. - CVE-2021-42096 (LP:#1947639) + CVE-2021-42096 (LP: #1947639) - A CSRF attack via the user options page could allow takeover of a users - account. This is fixed. CVE-2021-42097 (LP:#1947640) + account. This is fixed. CVE-2021-42097 (LP: #1947640) Bug Fixes and other patches
_______________________________________________ Mailman-checkins mailing list -- mailman-checkins@python.org To unsubscribe send an email to mailman-checkins-le...@python.org https://mail.python.org/mailman3/lists/mailman-checkins.python.org/ Member address: arch...@jab.org