Public bug reported:
If a malicious user, bot or whatever POSTs or GETs with query data to
the subscribe CGI and the data contains multiple 'digest=' fragments,
the resultant digest data seen by the subscribe CGI is a list rather
than a string. The CGI calls int() on this which throws TypeError.
The int() call is already in a try: that catches ValueError. It needs to
catch TypeError too.
** Affects: mailman
Importance: Low
Assignee: Mark Sapiro (msapiro)
Status: In Progress
--
You received this bug notification because you are a member of Mailman
Coders, which is subscribed to GNU Mailman.
https://bugs.launchpad.net/bugs/1667215
Title:
Uncaught TypeError in subscribe CGI with multiple digest flags in
post/query data
To manage notifications about this bug go to:
https://bugs.launchpad.net/mailman/+bug/1667215/+subscriptions
_______________________________________________
Mailman-coders mailing list
[email protected]
https://mail.python.org/mailman/listinfo/mailman-coders
