aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMark Sapiro <mark@msapiro.net>2008-02-04 17:47:24 -0800
committerMark Sapiro <mark@msapiro.net>2008-02-04 17:47:24 -0800
commitf05065b0111adaa311ab909c29c1b93bd34451fc (patch)
tree81499a5030557e3a882bc9bd0385683fcf6173ee
parent3343bcb6b4c980f9296964800201d577d5e56194 (diff)
downloadmailman2-f05065b0111adaa311ab909c29c1b93bd34451fc.tar.gz
mailman2-f05065b0111adaa311ab909c29c1b93bd34451fc.tar.xz
mailman2-f05065b0111adaa311ab909c29c1b93bd34451fc.zip
The 2.1.10 security enhancements have been assigned a new CVE. Updated
NEWS accordingly.
-rw-r--r--NEWS8
1 files changed, 4 insertions, 4 deletions
diff --git a/NEWS b/NEWS
index 68b2d0af..1a11b661 100644
--- a/NEWS
+++ b/NEWS
@@ -8,11 +8,11 @@ Here is a history of user visible changes to Mailman.
Security
- - The 2.1.9 fixes for CVE-2006-3636 have been enhanced. In particular,
- many potential cross-site scripting attacks have are now detected in
+ - The 2.1.9 fixes for CVE-2006-3636 were not complete. In particular,
+ some potential cross-site scripting attacks were not detected in
editing templates and updating the list's info attribute via the web
- admin interface. Thanks again to Moritz Naumann for assistance with
- this.
+ admin interface. This has been assigned CVE-2008-0564 and has been
+ fixed. Thanks again to Moritz Naumann for assistance with this.
New Features