Описание
ELSA-2015-1153: mailman security and bug fix update (MODERATE)
[3:2.1.15-21]
- fix CVE-2015-2775 - directory traversal in MTA transports
[3:2.1.15-20]
- fix #1107652 - do not install patch backup files in documentation
[3:2.1.15-19]
- fix #1188043 - set 2775 permission only for /etc/mailman
[3:2.1.15-18]
- fix #1107652 - add support for DMARC
- fix #1180981 - install tmpfiles.d into /usr/lib instead of /etc
- fix #1188043 - set 2775 permission for /etc/mailman
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
mailman
2.1.15-21.el7_1
Связанные CVE
Связанные уязвимости
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
Directory traversal vulnerability in GNU Mailman before 2.1.20, when n ...
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.