Hey Everyone,
I have just tagged release 0.3.12 on GitHub for container images for
Mailman 3[1]. This release includes the fix for CVE-2021-40347 that was
announced earlier today. For the folks using 0.3 or 0.3.11 release tags,
it is highly recommended that you upgrade to this release.
This

Hey Everyone,
A new vulnerability was reported against Hyperkitty’s git master branch
which can expose the archives of a private Mailing List through
the new Feeds API that was added to Hyperkitty recently to someone who
isn't a member or logged-in.
Thanks to Ngo Wei Lin for reporti

Everyone,
A security vulnerability was reported against Postorius recently which
allows any logged-in user to unsubscribe any other member on any other
list on the same Mailman installation using a specially crafted POST request
due to a missing ownership check. This has been assigned CVE-2021-403