Mailman-coders

Download

mailman-coders@python.org

June 2023

2 discussions

[Bug 2015416] [NEW] Membership information leak through options page.
by Mark Sapiro July 11, 2024

July 11, 2024

*** This bug is a security vulnerability *** Private security bug reported: This is similar to but different from #1968443. The issue is on a list with private rosters an attempt to log in to the options page with an email address which is not a list member just returns the options login page with no error, but attempt to login with an email address which is a list member returns the page with a 401 status and an `Authentication failed.` error message. This could be used to fish for membership on a list with private rosters. ** Affects: mailman Importance: Undecided Status: New -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/2015416 Title: Membership information leak through options page. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/2015416/+subscriptions

3 4

[Bug 1756009] [NEW] emails are not delivered to all recipients
by Raimonds Aug. 2, 2023

Aug. 2, 2023

Public bug reported: Mailman often do not send emails to all addressees. Usually a single recipient is lost, but sometimes 2 or 3. there is a fragment from mailmans smtp log file, recipient count randomly changed from 28 to 27. Mar 15 08:57:31 2018 (60449) <20180315065723.E829F124FB4(a)naf.iem.gov.lv> smtp to dml-patch for 28 recips, completed in 0.395 seconds Mar 15 08:58:17 2018 (60449) <20180315065811.D36F512506A(a)naf.iem.gov.lv> smtp to dml-patch for 27 recips, completed in 0.167 seconds Mar 15 09:09:04 2018 (60449) <20180315070859.42309125071(a)naf.iem.gov.lv> smtp to dml-patch for 28 recips, completed in 0.148 seconds Mar 15 09:13:47 2018 (60449) <20180315071331.34C3B12506A(a)naf.iem.gov.lv> smtp to dml-patch for 27 recips, completed in 0.151 seconds Mar 15 09:14:59 2018 (60449) <20180315071453.7FC1412506A(a)naf.iem.gov.lv> smtp to dml-patch for 28 recips, completed in 0.082 seconds Mar 15 09:15:54 2018 (60449) <20180315071548.217D912505D(a)naf.iem.gov.lv> smtp to dml-patch for 28 recips, completed in 0.249 seconds Mar 15 09:16:59 2018 (60449) <20180315071623.0193912506A(a)naf.iem.gov.lv> smtp to dml-patch for 28 recips, completed in 0.131 seconds Mar 15 09:17:05 2018 (60449) <20180315071629.1FD64124FC5(a)naf.iem.gov.lv> smtp to dml-patch for 27 recips, completed in 0.143 seconds Mar 15 09:17:27 2018 (60449) <20180315071645.194B212505A(a)naf.iem.gov.lv> smtp to dml-patch for 28 recips, completed in 0.093 seconds Mar 15 09:17:56 2018 (60449) <20180315071702.004EA12505A(a)naf.iem.gov.lv> smtp to dml-patch for 27 recips, completed in 0.211 seconds Mar 15 09:18:11 2018 (60449) <20180315071706.4F5F112505A(a)naf.iem.gov.lv> smtp to dml-patch for 27 recips, completed in 0.089 seconds Mar 15 09:18:20 2018 (60449) <20180315071711.BDFE412505A(a)naf.iem.gov.lv> smtp to dml-patch for 27 recips, completed in 0.112 seconds Mar 15 09:23:06 2018 (60449) <20180315072058.5882812506A(a)naf.iem.gov.lv> smtp to dml-patch for 28 recips, completed in 0.129 seconds Mar 15 09:23:34 2018 (60449) <20180315072217.AE70D125068(a)naf.iem.gov.lv> smtp to dml-patch for 28 recips, completed in 0.560 seconds Mar 15 09:23:41 2018 (60449) <20180315072244.39896124733(a)naf.iem.gov.lv> smtp to dml-patch for 28 recips, completed in 0.061 seconds list_members command always shows correct members count 28. /usr/lib/mailman/bin/list_members dml-patch | wc -l 28 OS CentOS Linux release 7.4.1708 Using Mailman version: 2.1.15 (standart centos package) The same problem was occur on Red Hat Enterprise Linux Server release 6.9 (Santiago) Mailman version: 2.1.12 ** Affects: mailman Importance: Undecided Status: New -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1756009 Title: emails are not delivered to all recipients To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1756009/+subscriptions

4 6