[Bug 770581] [NEW] The list admin or moderator password can be compromised by sending in an Approved: header
Public bug reported: If posting to a list is secured by requiring an Approved: or X-Approved: header for a post to be accepted without moderation, the list admin or moderator password can be compromised by sending it in the headers of an email message. There should be a 'poster' password for this purpose only so the consequences of compromise would be less severe. ** Affects: mailman Importance: Wishlist Assignee: Mark Sapiro (msapiro) Status: In Progress -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/770581 Title: The list admin or moderator password can be compromised by sending in an Approved: header
** Changed in: mailman Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/770581 Title: The list admin or moderator password can be compromised by sending in an Approved: header
** Changed in: mailman Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/770581 Title: The list admin or moderator password can be compromised by sending in an Approved: header To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/770581/+subscriptions
participants (1)
-
Mark Sapiro