[Mailman-Users] Is mailman vulnerable to the httpoxy bug?
Perry E. Metzger
perry at piermont.com
Fri Jul 22 11:57:30 EDT 2016
On Tue, 19 Jul 2016 17:25:00 -0400 Jim Popovitch <jimpop at gmail.com>
wrote:
> On Tue, Jul 19, 2016 at 5:10 PM, Perry E. Metzger
> <perry at piermont.com> wrote:
> > https://httpoxy.org/ seems to impact any python program (among
> > many others) that runs under cgi. Does it cause trouble for
> > mailman? What is a reasonable mitigation?
>
> If I understand the issue correctly (and admittedly It's kinda a new
> issue) this only affects proxied HTTP transactions, not HTTPS ones.
That is incorrect, so far as I can tell.
Perry
--
Perry E. Metzger perry at piermont.com
More information about the Mailman-Users
mailing list