[Mailman-Developers] [Fwd: [vendor-sec] Weak auto-generated passwords in Mailman]

Florian Weimer fw at deneb.enyo.de
Wed Dec 22 11:04:17 CET 2004

* John Dennis:

> This was forwarded to me by our security officer. I believe the original
> author, Florian Weimer, intended to reach this list but did not know how
> to and instead went through his security contacts.

Of course I went through my security contacts because I thought (and
still think) that this is a security issue.  I didn't want to disclose
it on a public mailing list such as this one before a fix (as
described in the message) was implemented.

Feedback from selected, trustworthy Mailman users indicates that
Mailman users also think that this is a security bug.

More information about the Mailman-Developers mailing list