Information on source package mailman

Available versions

ReleaseVersion
jessie1:2.1.18-2+deb8u2
jessie (security)1:2.1.18-2+deb8u4
stretch1:2.1.23-1+deb9u4
stretch (security)1:2.1.23-1+deb9u3
buster1:2.1.29-1
sid1:2.1.29-1

Resolved issues

BugDescription
CVE-2018-5950Cross-site scripting (XSS) vulnerability in the web UI in Mailman ...
CVE-2018-13796An issue was discovered in GNU Mailman before 2.1.28. A crafted URL ...
CVE-2018-0618Cross-site scripting vulnerability in Mailman 2.1.26 and earlier ...
CVE-2016-7123Cross-site request forgery (CSRF) vulnerability in the admin web ...
CVE-2016-6893Cross-site request forgery (CSRF) vulnerability in the user options ...
CVE-2015-2775Directory traversal vulnerability in GNU Mailman before 2.1.20, when ...
CVE-2011-0707Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py ...
CVE-2010-3089Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman ...
CVE-2008-0564Multiple cross-site scripting (XSS) vulnerabilities in Mailman before ...
CVE-2006-4624CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 ...
CVE-2006-3636Multiple cross-site scripting (XSS) vulnerabilities in Mailman before ...
CVE-2006-2941Mailman before 2.1.9rc1 allows remote attackers to cause a denial of ...
CVE-2006-2191** DISPUTED ** ...
CVE-2006-1712Cross-site scripting (XSS) vulnerability in the private archive script ...
CVE-2006-0052The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, ...
CVE-2005-4153Mailman 2.1.4 through 2.1.6 allows remote attackers to cause a denial ...
CVE-2005-3573Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character ...
CVE-2005-0202Directory traversal vulnerability in the true_path function in ...
CVE-2005-0080The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 ...
CVE-2004-1177Cross-site scripting (XSS) vulnerability in the driver script in ...
CVE-2004-1143The password generation in mailman before 2.1.5 generates only 5 ...
CVE-2004-0412Mailman before 2.1.5 allows remote attackers to obtain user passwords ...
CVE-2004-0182Mailman before 2.0.13 allows remote attackers to cause a denial of ...
CVE-2003-0992Cross-site scripting (XSS) vulnerability in the create CGI script for ...
CVE-2003-0991Unknown vulnerability in the mail command handler in Mailman before ...
CVE-2003-0965Cross-site scripting (XSS) vulnerability in the admin CGI script for ...
CVE-2003-0038Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 ...
CVE-2002-0855Cross-site scripting vulnerability in Mailman before 2.0.12 allows ...
CVE-2002-0388Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow ...

Security announcements

DSA / DLADescription
DLA-1442-2mailman - regression update
DLA-1442-1mailman - security update
DSA-4246-1mailman - security update
DSA-4108-1mailman - security update
DSA-4108-1mailman - security update
DLA-1272-1mailman - security update
DSA-3668-1mailman - security update
DLA-608-1mailman - security update
DSA-3214-1mailman - security update
DLA-186-1mailman - security update
DSA-2170-1mailman - several vulnerabilities
DSA-2170-1mailman - several vulnerabilities
DSA-1188-1mailman
DSA-1027-1mailman - programming error
DSA-1027-1mailman - programming error
DSA-955-1mailman - DoS
DSA-955-1mailman - DoS
DSA-674-1mailman - cross-site scripting, directory traversal
DSA-436mailman - several vulnerabilities
DSA-147mailman - cross-site scripting

Search for package or bug name: Reporting problems