[Mailman-Developers] [Fwd: [vendor-sec] Weak auto-generated
passwords in Mailman]
Florian Weimer
fw at deneb.enyo.de
Wed Dec 22 11:04:17 CET 2004
* John Dennis:
> This was forwarded to me by our security officer. I believe the original
> author, Florian Weimer, intended to reach this list but did not know how
> to and instead went through his security contacts.
Of course I went through my security contacts because I thought (and
still think) that this is a security issue. I didn't want to disclose
it on a public mailing list such as this one before a fix (as
described in the message) was implemented.
Feedback from selected, trustworthy Mailman users indicates that
Mailman users also think that this is a security bug.
More information about the Mailman-Developers
mailing list