Re: Mailman vulnerability

2006-11-16 Thread Martin Marques
On Wed, 15 Nov 2006, David Eisenstein wrote: Thanks a bunch, Martin! :) Info on your source package has been placed into Bugzilla #209891 http://tinyurl.com/yje83r, and hopefully we'll soon have this QA'ed and published in the Legacy repositories! We still need work on the FC3 version of

Re: Mailman vulnerability

2006-11-15 Thread Martin Marques
On Wed, 15 Nov 2006 00:50:46 -0600, David Eisenstein [EMAIL PROTECTED] wrote: We still need work on the FC3 version of this package: mailman-2.1.5-32.fc3.src.rpm in Bugzilla #211676. This should be easier, as the patches I used from RHEL (attached in this mail) were for mailmail 2.1.5.

Re: Mailman vulnerability

2006-11-14 Thread Martin Marques
On Wed, 8 Nov 2006, Jesse Keating wrote: On Wednesday 08 November 2006 06:45, Martin Marques wrote: Would you people like to see the patches first or do I send the src.rpm? Either way. We now manage FC-4 in CVS so adding just a patch to generate a updates-testing rpm is easy enough. OK. I

Re: Mailman vulnerability

2006-11-08 Thread Martin Marques
On Thu, 5 Oct 2006, Michal Jaegermann wrote: On Thu, Oct 05, 2006 at 09:19:48AM -0300, Martin Marques wrote: I have a FC4 web server installed and got this mailman report: http://www.securityfocus.com/bid/19831/discuss Is it to worry? Probably. See also

Re: Mailman vulnerability

2006-11-08 Thread Martin Marques
On Wed, 8 Nov 2006, Jesse Keating wrote: On Wednesday 08 November 2006 06:45, Martin Marques wrote: Would you people like to see the patches first or do I send the src.rpm? Either way. We now manage FC-4 in CVS so adding just a patch to generate a updates-testing rpm is easy enough.

Re: Mailman vulnerability

2006-10-07 Thread David Eisenstein
- Original Message - From: Martin Marques martin@bugs.unl.edu.ar To: fedora-legacy-list@redhat.com Sent: Thursday, October 05, 2006 7:19 AM Subject: Mailman vulnerability I have a FC4 web server installed and got this mailman report: http://www.securityfocus.com/bid/19831/discuss

Fw: Mailman vulnerability

2006-10-07 Thread David Eisenstein
- Original Message - From: Martin Marques martin@bugs.unl.edu.ar To: Discussion of the Fedora Legacy Project fedora-legacy-list@redhat.com Sent: Saturday, October 07, 2006 9:51 AM Subject: Re: Mailman vulnerability On Thu, 5 Oct 2006, Michal Jaegermann wrote: On Thu, Oct 05, 2006

Mailman vulnerability

2006-10-05 Thread Martin Marques
I have a FC4 web server installed and got this mailman report: http://www.securityfocus.com/bid/19831/discuss Is it to worry? I am thinking about promoting it to FC5 but as it is a server in production I want to make a very good plan first. -- 21:50:04 up 2 days, 9:07, 0 users, load

Re: Mailman vulnerability

2006-10-05 Thread Michal Jaegermann
On Thu, Oct 05, 2006 at 09:19:48AM -0300, Martin Marques wrote: I have a FC4 web server installed and got this mailman report: http://www.securityfocus.com/bid/19831/discuss Is it to worry? Probably. See also http://rhn.redhat.com/errata/RHSA-2006-0600.html FC4 is using mailman-2.1.5-35