Sicherheit: Ausführen beliebiger Kommandos in MailMan
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in MailMan
ID: FEDORA-2015-5216
Distribution: Fedora
Plattformen: Fedora 21
Datum: Do, 30. April 2015, 14:15
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2775
Applikationen: MailMan


Name        : mailman
Product : Fedora 21
Version : 2.1.20
Release : 1.fc21
URL : http://www.list.org/
Summary : Mailing list manager with built in Web access
Description :
Mailman is software to help manage email discussion lists, much like
Majordomo and Smartmail. Unlike most similar products, Mailman gives
each mailing list a webpage, and allows users to subscribe,
unsubscribe, etc. over the Web. Even the list manager can administer
his or her list entirely from the Web. Mailman also integrates most
things people want to do with mailing lists, including archiving, mail
<-> news gateways, and so on.

Documentation can be found in: /usr/share/doc/mailman

When the package has finished installing, you will need to perform some
additional installation steps, these are described in:

Update Information:

Update to new version 2.1.20.
Fix dependency on python-dns.

* Wed Apr 1 2015 Jan Kaluza <jkaluza@redhat.com> - 3:2.1.20-1
- update to new upstream versino 2.1.20 (#1207900)
* Mon Mar 2 2015 Jan Kaluza <jkaluza@redhat.com> - 3:2.1.19-1
- update to new upstream version 2.1.19 (#1187894)
* Tue Feb 17 2015 Jan Kaluza <jkaluza@redhat.com> - 3:
- require python-dns

[ 1 ] Bug #1208059 - CVE-2015-2775 mailman: directory traversal in MTA
transports that deliver programmatically

This update can be installed with the "yum" update program. Use
su -c 'yum update mailman' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list
Pro-Linux @Facebook
Neue Nachrichten