[Mailman-Users] Question about Security Bulletin

George A. Theall theall at tifaware.com
Mon Sep 11 16:10:36 CEST 2006

On Mon, Sep 11, 2006 at 07:59:44AM -0500, Barry Finkel wrote:

> This bulletin only mentions Red Hat.  Does the bulletin apply only
> to Red Hat distributions, or does it apply to all Mailman distributions?

The general Mailman distribution is affected as well; see:


> Is this a problem that only affects 2.1.5, or does it affect subsequent
> versions of Mailman?  Thanks.

If you have access to Nessus, you may want to take a look at a plugin
I wrote to check for the first issue mentioned:


[The plugin is available now to those with a direct feed and will become
available tomorrow for those with a registered feed.] I run a few lists
with 2.1.6 and that version is definitely vulnerable. 

theall at tifaware.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.python.org/pipermail/mailman-users/attachments/20060911/d49c62a5/attachment.pgp 

More information about the Mailman-Users mailing list