Date: Mon, 30 Jul 2018 09:16:17 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 230183] japanese/mailman is affected by CVE-2018-13796 Message-ID: <bug-230183-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D230183 Bug ID: 230183 Summary: japanese/mailman is affected by CVE-2018-13796 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: tota@FreeBSD.org Reporter: freebsd-bug-report-yf@yf.bsdclub.org Flags: maintainer-feedback?(tota@FreeBSD.org) Assignee: tota@FreeBSD.org Created attachment 195627 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D195627&action= =3Dedit patch to fix CVE-2018-13796 for 2.1.14+j7 (This is re-submit from Bug #22935 comment #3 and #4) On Mon, 23 Jul 2018 Mailman 2.1.28 has been released and a vulnerability CVE-2018-13796 has been published. Mailman 2.1.28 release announcement <https://www.mail-archive.com/mailman-users@python.org/msg71066.html>; Mailman 2.1.29 releas announcement <https://www.mail-archive.com/mailman-users@python.org/msg71066.html>; vulnerability detail (launchpad.net, Bug 178074) https://bugs.launchpad.net/mailman/+bug/1780874 This vulnerability affects mailman 2.1.14+j7. The patch attached in bug rep= ort at launchpad.net is one for rev 1768 (between 2.1.26 release and 2.1.27 release) and above, so I've made patch for 2.1.14+j7 (attached patch). --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-230183-7788>