ELSA-2020-1054

Опубликовано: 06 апр. 2020

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2020-1054: mailman security and bug fix update (MODERATE)

[3:2.1.15-30]

Resolves: #1599692 - Sanitize input on listinfo page (CVE-2018-0618)

[3:2.1.15-29]

Resolves: #1611689 - Trim long text in 'no such list' messages

[3:2.1.15-28]

Resolves: #1718180 - Try to decode member name first

[3:2.1.15-27]

Related : #1545973 - Bump release to override rhel-7.4.z version

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

mailman

2.1.15-30.el7

Oracle Linux x86_64

mailman

2.1.15-30.el7

Связанные CVE

CVE-2018-0618

CVE-2018-13796

Ссылки на источники

Связанные уязвимости

SUSE-SU-2019:13924-1

suse-cvrf

около 7 лет назад

Security update for mailman

SUSE-SU-2018:4296-1

suse-cvrf

около 7 лет назад

Security update for mailman

CVE-2018-13796

CVSS3: 6.5

ubuntu

больше 7 лет назад

An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.

CVE-2018-13796

CVSS3: 4.3

redhat

больше 7 лет назад

An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.

CVE-2018-13796

CVSS3: 6.5

nvd

больше 7 лет назад

An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.