Tokio Kikuchi wrote: >> http://www.securityfocus.com/bid/16248/discuss >> GNU Mailman Large Date Data Denial Of Service Vulnerability >> GNU Mailman is prone to a denial of service attack. This issue affects >> the >> email date parsing functionality of Mailman. (snip) >> 06.3.18 CVE: CVE-2005-4153 (snip) > > Mailman-2.1.7 is not vulnerable to this issue. >
We may have to patch against this email package parsedate bug. I've just uploaded a patch on SF tracker. Please someone review this before I commit in the CVS (this weekend, maybe). https://sourceforge.net/tracker/?func=add&group_id=103&atid=300103 Cheers, -- Tokio Kikuchi, tkikuchi@ is.kochi-u.ac.jp http://weather.is.kochi-u.ac.jp/ _______________________________________________ Mailman-Developers mailing list [email protected] http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
