This bug was fixed in the package mailman - 1:2.1.9-4ubuntu1.1
---------------
mailman (1:2.1.9-4ubuntu1.1) feisty-security; urgency=low
* debian/control:
+ updated maintainer field
* SECURITY UPDATE:
+ debian/patches/100_CVE-2008-0564.dpatch (LP: #199338)
- Multiple cross-site scripting (XSS) vulnerabilities in Mailman
before 2.1.10b1 allow remote attackers to inject arbitrary web
script or HTML via unspecified vectors related to (1) editing
templates and (2) the list's "info attribute" in the web
administrator interface.
* References
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0564
+ http://bugs.gentoo.org/show_bug.cgi?id=208710
-- Emanuele Gentili <[EMAIL PROTECTED]> Fri, 07 Mar 2008
05:38:51 +0100
--
[CVE-2008-0564] Multiple cross-site scripting (XSS) vulnerabilities in Mailman
https://bugs.launchpad.net/bugs/199338
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
