------------------------------------------------------------
revno: 1044
committer: Mark Sapiro <[EMAIL PROTECTED]>
branch nick: 2.1
timestamp: Mon 2008-02-04 17:47:24 -0800
message:
The 2.1.10 security enhancements have been assigned a new CVE. Updated
NEWS accordingly.
modified:
NEWS
=== modified file 'NEWS'
--- a/NEWS 2008-02-02 22:23:32 +0000
+++ b/NEWS 2008-02-05 01:47:24 +0000
@@ -8,11 +8,11 @@
Security
- - The 2.1.9 fixes for CVE-2006-3636 have been enhanced. In particular,
- many potential cross-site scripting attacks have are now detected in
+ - The 2.1.9 fixes for CVE-2006-3636 were not complete. In particular,
+ some potential cross-site scripting attacks were not detected in
editing templates and updating the list's info attribute via the web
- admin interface. Thanks again to Moritz Naumann for assistance with
- this.
+ admin interface. This has been assigned CVE-2008-0564 and has been
+ fixed. Thanks again to Moritz Naumann for assistance with this.
New Features
--
Stable, maintained release series
https://code.launchpad.net/~mailman-coders/mailman/2.1
You are receiving this branch notification because you are subscribed to it.
_______________________________________________
Mailman-checkins mailing list
[email protected]
Unsubscribe:
http://mail.python.org/mailman/options/mailman-checkins/archive%40jab.org
