Fixed options login content injection vulnerability.

author: Mark Sapiro <mark@msapiro.net> 2020-05-05 08:08:54 -0700
committer: Mark Sapiro <mark@msapiro.net> 2020-05-05 08:08:54 -0700
commit: bb493df55fe504a0dd4f743ad48837fd18eb9888 (patch)
tree: c8f770a913249f6d32435d173c31986076317389 /NEWS
parent: 12155455f6afa9243c18077bdd064fceb428e56c (diff)
download: mailman2-bb493df55fe504a0dd4f743ad48837fd18eb9888.tar.gz
mailman2-bb493df55fe504a0dd4f743ad48837fd18eb9888.tar.xz
mailman2-bb493df55fe504a0dd4f743ad48837fd18eb9888.zip
1 files changed, 6 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 5e35d462..e9715d13 100644
--- a/NEWS
+++ b/NEWS
@@ -5,7 +5,12 @@ Copyright (C) 1998-2018 by the Free Software Foundation, Inc.
 
 Here is a history of user visible changes to Mailman.
 
-2.1.30-1 (xx-xxx-xxxx)
+2.1.31 (05-May-2020)
+
+  Security
+
+    - A content injection vulnerability via the options login page has been
+      discovered and reported by Vishal Singh. This is fixed.  (LP: #1873722)
 
   i18n
author	Mark Sapiro <mark@msapiro.net>	2020-05-05 08:08:54 -0700
committer	Mark Sapiro <mark@msapiro.net>	2020-05-05 08:08:54 -0700
commit	bb493df55fe504a0dd4f743ad48837fd18eb9888 (patch)
tree	c8f770a913249f6d32435d173c31986076317389 /NEWS
parent	12155455f6afa9243c18077bdd064fceb428e56c (diff)
download	mailman2-bb493df55fe504a0dd4f743ad48837fd18eb9888.tar.gz mailman2-bb493df55fe504a0dd4f743ad48837fd18eb9888.tar.xz mailman2-bb493df55fe504a0dd4f743ad48837fd18eb9888.zip