[LIH][Fwd: RHN Errata Alert: Updated mailman packages close cross-site scripting vulnerabilities]

Fri, 06 Feb 2004 00:18:52 -0800



-------- Original Message --------
Subject: RHN Errata Alert: Updated mailman packages close cross-site scripting vulnerabilities
Date: Thu, 5 Feb 2004 23:35:38 -0500
From: Red Hat Network Alert <[EMAIL PROTECTED]>

Red Hat Network has determined that the following advisory is applicable to
one or more of the systems you have registered:

Complete information about this errata can be found at the following location:
https://rhn.redhat.com/network/errata/errata_details.pxt?eid=2003

Security Advisory - RHSA-2004:020-02
------------------------------------------------------------------------------
Summary:
Updated mailman packages close cross-site scripting vulnerabilities

Updated mailman packages that close various cross-site scripting
vulnerabilities are now available.

Description:
Mailman is a mailing list manager.

Dirk Mueller discovered a cross-site scripting bug in the admin interface
in versions of Mailman 2.1 before 2.1.4.  The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2003-0965 to
this issue.

A cross-site scripting bug in the 'create' CGI script affects versions of
Mailman 2.1 before 2.1.3.  The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2003-0992 to this issue.

Users of Mailman are advised to upgrade to the erratum packages, which
include backported security fixes and are not vulnerable to these issues.
------------------------------------------------------------------------------

-------------
Taking Action
-------------
You may address the issues outlined in this advisory in two ways:

     - select your server name by clicking on its name from the list
       available at the following location, and then schedule an
       errata update for it:
           https://rhn.redhat.com/network/systemlist/system_list.pxt

- run the Update Agent on each affected server.






--
[EMAIL PROTECTED] (Suresh Ramasubramanian)
[EMAIL PROTECTED]:/usr/src$ mv linux Gnu/Linux
mv: cannot move `linux' to `Gnu/Linux': No such file or directory
        jaharkes @ cs.cmu.edu in reply to RMS on linux.kernel


-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/linux-india-help

Reply via email to