diff options
author | Mark Sapiro <mark@msapiro.net> | 2018-06-24 19:50:53 -0700 |
---|---|---|
committer | Mark Sapiro <mark@msapiro.net> | 2018-06-24 19:50:53 -0700 |
commit | 6d34c9abd0d8e425f03215153fc80c18d5253a53 (patch) | |
tree | 3155a938242cc447867437b49795c8127f0bf03e /NEWS | |
parent | 11c0af19222d0176b4f9c9c515274c61b49eec33 (diff) | |
download | mailman2-6d34c9abd0d8e425f03215153fc80c18d5253a53.tar.gz mailman2-6d34c9abd0d8e425f03215153fc80c18d5253a53.tar.xz mailman2-6d34c9abd0d8e425f03215153fc80c18d5253a53.zip |
Added a CVE reference.
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -11,10 +11,10 @@ Here is a history of user visible changes to Mailman. - Existing protections against malicious listowners injecting evil scripts into listinfo pages have had a few more checks added. - JVN#00846677/JPCERT#97432283 + JVN#00846677/JPCERT#97432283/CVE-2018-0618 - A few more error messages have had their values HTML escaped. - JVN#00846677/JPCERT#97432283 + JVN#00846677/JPCERT#97432283/CVE-2018-0618 - The hash generated when SUBSCRIBE_FORM_SECRET is set could have been the same as one generated at the same time for a different list and |