[Mailman-Developers] Re: RELEASED Mailman 2.1.5
The Anarcat
anarcat at anarcat.ath.cx
Wed May 19 12:11:31 EDT 2004
> On Sat, 2004-05-15 at 19:22, Barry Warsaw wrote:
>
>>This version also contains a fix
>>for an exploit that could allow 3rd parties to retrieve member
>>passwords. It is thus highly recommended that all existing sites
>>upgrade to the latest version.
>
> Could you be more specific about the exploit? Is there a CVE or CAN open
> against it? I assume given the public announcement this is not an
> embargoed security exploit, or is it?
Also: what versions of mailman are affected?
A.
More information about the Mailman-Developers
mailing list