[Mailman-Developers] Re: [Mailman-Announce] RELEASED Mailman 2.1.5
John Dennis
jdennis at redhat.com
Tue May 18 14:44:53 EDT 2004
On Sat, 2004-05-15 at 19:22, Barry Warsaw wrote:
> This version also contains a fix
> for an exploit that could allow 3rd parties to retrieve member
> passwords. It is thus highly recommended that all existing sites
> upgrade to the latest version.
Could you be more specific about the exploit? Is there a CVE or CAN open
against it? I assume given the public announcement this is not an
embargoed security exploit, or is it?
--
John Dennis <jdennis at redhat.com>
More information about the Mailman-Developers
mailing list