[Mailman-Users] Question about Security Bulletin
George A. Theall
theall at tifaware.com
Mon Sep 11 16:10:36 CEST 2006
On Mon, Sep 11, 2006 at 07:59:44AM -0500, Barry Finkel wrote:
> This bulletin only mentions Red Hat. Does the bulletin apply only
> to Red Hat distributions, or does it apply to all Mailman distributions?
The general Mailman distribution is affected as well; see:
http://sourceforge.net/project/shownotes.php?release_id=444295&group_id=103
> Is this a problem that only affects 2.1.5, or does it affect subsequent
> versions of Mailman? Thanks.
If you have access to Nessus, you may want to take a look at a plugin
I wrote to check for the first issue mentioned:
http://www.nessus.org/plugins/index.php?view=single&id=22307
[The plugin is available now to those with a direct feed and will become
available tomorrow for those with a registered feed.] I run a few lists
with 2.1.6 and that version is definitely vulnerable.
George
--
theall at tifaware.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.python.org/pipermail/mailman-users/attachments/20060911/d49c62a5/attachment.pgp
More information about the Mailman-Users
mailing list