mailman (1:2.1.20-1ubuntu0.4) xenial-security; urgency=medium
* SECURITY UPDATE: XSS vulnerability
- debian/patches/93_CVE-2018-0618.patch: avoiding
injections in Mailman/Gui/General.py, Mailman/Utils.py,
Mailman/Gui/GUIBase.py
- CVE-2018-0618
* SECURITY UPDATE: Arbitrary text injection
- debian/patches/94_CVE-2018-13796.patch: check for injections
in Mailmain/Utils.py.
- CVE-2018-13796
* SECURITY UPDATE: XSS vulnerability
- debian/patches/CVE-2020-12137.diff: use .bin extension
for scrubbed application/octet-stream files in
Mailman/Handlers/Scrubber.py.
- CVE-2020-12137
Date: 2020-04-28 18:42:14.869630+00:00
Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot
<cjwatson+ubuntu-archive-ro...@chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/mailman/1:2.1.20-1ubuntu0.4
Sorry, changesfile not available.
--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
