diff options
author | Mark Sapiro <mark@msapiro.net> | 2008-02-04 17:47:24 -0800 |
---|---|---|
committer | Mark Sapiro <mark@msapiro.net> | 2008-02-04 17:47:24 -0800 |
commit | f05065b0111adaa311ab909c29c1b93bd34451fc (patch) | |
tree | 81499a5030557e3a882bc9bd0385683fcf6173ee | |
parent | 3343bcb6b4c980f9296964800201d577d5e56194 (diff) | |
download | mailman2-f05065b0111adaa311ab909c29c1b93bd34451fc.tar.gz mailman2-f05065b0111adaa311ab909c29c1b93bd34451fc.tar.xz mailman2-f05065b0111adaa311ab909c29c1b93bd34451fc.zip |
The 2.1.10 security enhancements have been assigned a new CVE. Updated
NEWS accordingly.
-rw-r--r-- | NEWS | 8 |
1 files changed, 4 insertions, 4 deletions
@@ -8,11 +8,11 @@ Here is a history of user visible changes to Mailman. Security - - The 2.1.9 fixes for CVE-2006-3636 have been enhanced. In particular, - many potential cross-site scripting attacks have are now detected in + - The 2.1.9 fixes for CVE-2006-3636 were not complete. In particular, + some potential cross-site scripting attacks were not detected in editing templates and updating the list's info attribute via the web - admin interface. Thanks again to Moritz Naumann for assistance with - this. + admin interface. This has been assigned CVE-2008-0564 and has been + fixed. Thanks again to Moritz Naumann for assistance with this. New Features |