[Bug 199338] Re: [CVE-2008-0564] Multiple cross-site scripting (XSS) vulnerabilities in Mailman

[Launchpad Bug Tracker]

This bug was fixed in the package mailman - 1:2.1.9-8ubuntu0.1

---------------
mailman (1:2.1.9-8ubuntu0.1) gutsy-security; urgency=low

  * debian/control:
   + updated maintainer field
  * SECURITY UPDATE:
   + debian/patches/100_CVE-2008-0564.dpatch (LP: #199338)
    - Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 
2.1.10b1 allow
      remote attackers to inject arbitrary web script or HTML via unspecified 
vectors related
      to (1) editing templates and (2) the list's "info attribute" in the web 
administrator interface.
  * References
   + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0564
   + http://bugs.gentoo.org/show_bug.cgi?id=208710

 -- Emanuele Gentili <[EMAIL PROTECTED]>   Fri, 07 Mar 2008
03:52:46 +0100

** Changed in: mailman (Ubuntu Gutsy)
       Status: Fix Committed => Fix Released

** Changed in: mailman (Ubuntu Feisty)
       Status: Fix Committed => Fix Released

-- 
[CVE-2008-0564] Multiple cross-site scripting (XSS) vulnerabilities in Mailman
https://bugs.launchpad.net/bugs/199338
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs