[Mailman-Developers] bugtraq submission warning: email address harvesting exploit

Barry Warsaw barry at python.org
Thu Nov 27 13:28:25 EST 2003

On Tue, 2003-11-25 at 15:06, Bernhard Kuemel wrote:

> It would probably be more efficient if some who are familiar with 
> the mailman code fixed its "security flaws".

Just to be snitty and pedantic, I don't consider email address leaks in
Pipermail to be security flaws.  Not that I don't consider them serious
enough to address (I do), but it's a different class of problem than
some exploit that could be used to subvert the Mailman system or the
machine it's running on.


More information about the Mailman-Developers mailing list