Raquel Rice wrote: a 'private' in the src/ directory, >> how does it compare to 'private.bad'. >>=20 >> You could just try >>=20 >> mv private.bad private >>=20 >> and see what happens. >>=20 >> --=20 >> Mark Sapiro=20 > >It seems to me that the problem lies with the >Debian maintainer of Mailman.
Yes, it seems so. For more insight on why this might be the case, see the notes about CAN-2005-0202 at <http://www.list.org/security.html>. >Thank you for helping me to see past the symptoms. > >I wonder what would happen if I just renamed "private.bad" to >"private"? That's what I was suggesting - >> You could just try >> >> mv private.bad private >> >> and see what happens. I think it will probably work. You probably should look at the patch at http://www.list.org/CAN-2005-0202.txt and at your Mailman/Cgi/private.py file to see if you have this vulnerability in your Mailman and either patch the file or download the Mailman 2.1.6 version from <http://cvs.sourceforge.net/viewcvs.py/*checkout*/mailman/mailman/Mailman/Cgi/private.py?rev=2.16.2.3> -- Mark Sapiro <[EMAIL PROTECTED]> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
