This bug was fixed in the package mailman - 1:2.1.18-2
Sponsored for Artur Rona (ari-tczew)
---------------
mailman (1:2.1.18-2) unstable; urgency=high
* Fix security issue: path traversal through local_part.
Affects installations which use an Exim or Postfix transport
instead of fixed aliases; attacker needs to be able to place
files on the local filesystem.
(CVE-2015-2775, Closes: 781626)
-- Thijs Kinkhorst <th...@debian.org> Mon, 06 Apr 2015 15:36:15 +0000
** Changed in: mailman (Ubuntu)
Status: New => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-2775
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mailman in Ubuntu.
https://bugs.launchpad.net/bugs/1454866
Title:
Sync mailman 1:2.1.18-2 (main) from Debian unstable (main)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mailman/+bug/1454866/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
