31 Jan
2006
31 Jan
'06
1:37 a.m.
Tokio Kikuchi wrote:
http://www.securityfocus.com/bid/16248/discuss GNU Mailman Large Date Data Denial Of Service Vulnerability GNU Mailman is prone to a denial of service attack. This issue affects the email date parsing functionality of Mailman. (snip) 06.3.18 CVE: CVE-2005-4153 (snip)
Mailman-2.1.7 is not vulnerable to this issue.
We may have to patch against this email package parsedate bug. I've just uploaded a patch on SF tracker. Please someone review this before I commit in the CVS (this weekend, maybe). https://sourceforge.net/tracker/?func=add&group_id=103&atid=300103
Cheers,
Tokio Kikuchi, tkikuchi@ is.kochi-u.ac.jp http://weather.is.kochi-u.ac.jp/