diff options
| author | Mark Sapiro <mark@msapiro.net> | 2021-11-11 11:08:02 -0800 |
|---|---|---|
| committer | Mark Sapiro <mark@msapiro.net> | 2021-11-11 11:08:02 -0800 |
| commit | d9e523199b4203dfeddfe2d8b03524ccf9fdf4a3 (patch) | |
| tree | a42ab3dc38ffa25eaaf99fd3222109e3a163e2ec /NEWS | |
| parent | 8b4c3d43cab5bc39a9bb5f8151517a4aa7d7867c (diff) | |
| download | mailman2-d9e523199b4203dfeddfe2d8b03524ccf9fdf4a3.tar.gz mailman2-d9e523199b4203dfeddfe2d8b03524ccf9fdf4a3.tar.xz mailman2-d9e523199b4203dfeddfe2d8b03524ccf9fdf4a3.zip | |
Bumped branch version to: 2.1.36
Diffstat (limited to '')
| -rw-r--r-- | NEWS | 10 |
1 files changed, 5 insertions, 5 deletions
@@ -5,17 +5,17 @@ Copyright (C) 1998-2020 by the Free Software Foundation, Inc. Here is a history of user visible changes to Mailman. -2.1.36 (xx-Nov-2021) +2.1.36 (12-Nov-2021) Security - A potential XSS attack via the user options page has been reported by - Harsh Jaiswal. This is fixed. CVE-2021-43331 (LP:#1949401) + Harsh Jaiswal. This is fixed. CVE-2021-43331 (LP: #1949401) - A potential for for a list moderator to carry out an off-line brute force attack to obtain the list admin password has been reported by Andre Protas, Richard Cloke and Andy Nuttall of Apple. This is fixed. - CVE-2021-43332 (LP:#1949403) + CVE-2021-43332 (LP: #1949403) 2.1.35 (19-Oct-2021) @@ -24,10 +24,10 @@ Here is a history of user visible changes to Mailman. - A potential for for a list member to carry out an off-line brute force attack to obtain the list admin password has been reported by Andre Protas, Richard Cloke and Andy Nuttall of Apple. This is fixed. - CVE-2021-42096 (LP:#1947639) + CVE-2021-42096 (LP: #1947639) - A CSRF attack via the user options page could allow takeover of a users - account. This is fixed. CVE-2021-42097 (LP:#1947640) + account. This is fixed. CVE-2021-42097 (LP: #1947640) Bug Fixes and other patches |