[Mailman-Developers] Patches for security issues in 2.1.9rc1

Albert Chin Sun, 10 Sep 2006 12:12:47 -0700

We'd like to create a patch on top of 2.1.8 for the security issues in
2.1.9rc1.


For the log injection vulnerability, we applied a diff of revisions
7822-7918 for Mailman/Utils.py from the Release_2_1-maint branch.

For CVE-2006-3636, we applied a diff of revisions 7975-8001 from the
Release_2_1-maint branch.

What revisions contain the patch for CVE-2006-2941?
  - Fixed denial of service attack which can be caused by some
    standards-breaking RFC 2231 formatted headers.  CVE-2006-2941.

-- 
albert chin ([EMAIL PROTECTED])
_______________________________________________
Mailman-Developers mailing list
Mailman-Developers@python.org
http://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: 
http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

[Mailman-Developers] Patches for security issues in 2.1.9rc1

Reply via email to