-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 2/13/2011 1:58 PM, Mark Sapiro wrote:
An XXS vulnerability affecting Mailman 2.1.14 and prior versions has recently been discovered. A patch has been developed to address this issue. The patch is small, affects only one module and can be applied to a live installation without requiring a restart.
In order to accommodate those who need some notice before applying such a patch, the patch will be posted on Friday, 18 February at about 16:00 GMT to the same four lists to which this announcement is addressed.
The vulnerability has been assigned CVE-2011-0707.
The patch is attached as confirm_xss.patch.txt.
Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32)
iD8DBQFNXpf1VVuXXpU7hpMRAs1nAJ97r3VEu5b5jl4JhdNv3r6x+ElqjQCghU+w Gp0hqWatECAYyAIL7IH9dGk= =8U6M -----END PGP SIGNATURE-----