MDVSA-2010:191
- Package name
- mailman
- Date
- 2010-10-01
- Advisory ID
- MDVSA-2010:191
- Affected versions
- 2009.0 x86_64 , MES5 i586 , 2010.1 i586 , 2010.0 x86_64 , 2010.0 i586 , 2009.1 i586 , 2009.0 i586 , CS4.0 i586 , 2008.0 x86_64 , CS4.0 x86_64 , 2008.0 i586 , 2009.1 x86_64 , MES5 x86_64 , 2010.1 x86_64
Problem description
Multiple vulnerabilities has been found and corrected in mailman:
Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman
before 2.1.14rc1 allow remote authenticated users to inject arbitrary
web script or HTML via vectors involving (1) the list information
field or (2) the list description field (CVE-2010-3089).
Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.
Updated packages
2009.0 x86_64
7c163192b300d72f301383c395da3b66 2009.0/x86_64/mailman-2.1.11-1.1mdv2009.0.x86_64.rpm f97873131d08c4325a898ab7a715351d 2009.0/SRPMS/mailman-2.1.11-1.1mdv2009.0.src.rpm
MES5 i586
6d2706e0f8f9001a673c8141eed8638d mes5/i586/mailman-2.1.11-1.1mdvmes5.1.i586.rpm f45434df800279721a685123da24af21 mes5/SRPMS/mailman-2.1.11-1.1mdvmes5.1.src.rpm
2010.1 i586
e83ec834da21aaa9ac825b9dcca38066 2010.1/i586/mailman-2.1.13-1.1mdv2010.1.i586.rpm 23adc2d02aa602f4195d2133b86e68da 2010.1/SRPMS/mailman-2.1.13-1.1mdv2010.1.src.rpm
2010.0 x86_64
32b176fd2c1f8185ae061ca48020211f 2010.0/x86_64/mailman-2.1.12-3.1mdv2010.0.x86_64.rpm db0d3c48e664467c204d46fb9d5d86c8 2010.0/SRPMS/mailman-2.1.12-3.1mdv2010.0.src.rpm
2010.0 i586
a68bf17fb97f611aa5fd07edbfd25622 2010.0/i586/mailman-2.1.12-3.1mdv2010.0.i586.rpm db0d3c48e664467c204d46fb9d5d86c8 2010.0/SRPMS/mailman-2.1.12-3.1mdv2010.0.src.rpm
2009.1 i586
8ca5797ee931ade6c4756a044e9e9ac6 2009.1/i586/mailman-2.1.12-1.1mdv2009.1.i586.rpm 73ac7c0336096a0ee1cbf24520220c27 2009.1/SRPMS/mailman-2.1.12-1.1mdv2009.1.src.rpm
2009.0 i586
21de029e60fc9b80988dff7898ca8658 2009.0/i586/mailman-2.1.11-1.1mdv2009.0.i586.rpm f97873131d08c4325a898ab7a715351d 2009.0/SRPMS/mailman-2.1.11-1.1mdv2009.0.src.rpm
CS4.0 i586
309605c757131162e730e8d2e77a0331 corporate/4.0/i586/mailman-2.1.6-6.4.20060mlcs4.i586.rpm 3284f4a4621bd7a6d59ffe9173787a99 corporate/4.0/SRPMS/mailman-2.1.6-6.4.20060mlcs4.src.rpm
2008.0 x86_64
e3bc59b996c69c2721a712ebb794921f 2008.0/x86_64/mailman-2.1.9-2.2mdv2008.0.x86_64.rpm 749c76d1c7e7f4282b7ffbae1e442763 2008.0/SRPMS/mailman-2.1.9-2.2mdv2008.0.src.rpm
CS4.0 x86_64
28250e366a8fab9c50d8e3964d593c9b corporate/4.0/x86_64/mailman-2.1.6-6.4.20060mlcs4.x86_64.rpm 3284f4a4621bd7a6d59ffe9173787a99 corporate/4.0/SRPMS/mailman-2.1.6-6.4.20060mlcs4.src.rpm
2008.0 i586
e08b1d9a020747ab70982e13a105bb48 2008.0/i586/mailman-2.1.9-2.2mdv2008.0.i586.rpm 749c76d1c7e7f4282b7ffbae1e442763 2008.0/SRPMS/mailman-2.1.9-2.2mdv2008.0.src.rpm
2009.1 x86_64
f750f959be5916b1995391ccdcebb769 2009.1/x86_64/mailman-2.1.12-1.1mdv2009.1.x86_64.rpm 73ac7c0336096a0ee1cbf24520220c27 2009.1/SRPMS/mailman-2.1.12-1.1mdv2009.1.src.rpm
MES5 x86_64
3d512d16b23e2bd2af6d9380376dd83c mes5/x86_64/mailman-2.1.11-1.1mdvmes5.1.x86_64.rpm f45434df800279721a685123da24af21 mes5/SRPMS/mailman-2.1.11-1.1mdvmes5.1.src.rpm
2010.1 x86_64
e93de69f9cccc6d208190ec865b29cd2 2010.1/x86_64/mailman-2.1.13-1.1mdv2010.1.x86_64.rpm 23adc2d02aa602f4195d2133b86e68da 2010.1/SRPMS/mailman-2.1.13-1.1mdv2010.1.src.rpm