[Bug 230183] japanese/mailman is affected by CVE-2018-13796
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Jul 30 09:16:20 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230183
Bug ID: 230183
Summary: japanese/mailman is affected by CVE-2018-13796
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: Individual Port(s)
Assignee: tota at FreeBSD.org
Reporter: freebsd-bug-report-yf at yf.bsdclub.org
Flags: maintainer-feedback?(tota at FreeBSD.org)
Assignee: tota at FreeBSD.org
Created attachment 195627
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=195627&action=edit
patch to fix CVE-2018-13796 for 2.1.14+j7
(This is re-submit from Bug #22935 comment #3 and #4)
On Mon, 23 Jul 2018 Mailman 2.1.28 has been released and a vulnerability
CVE-2018-13796 has been published.
Mailman 2.1.28 release announcement
<https://www.mail-archive.com/mailman-users@python.org/msg71066.html>
Mailman 2.1.29 releas announcement
<https://www.mail-archive.com/mailman-users@python.org/msg71066.html>
vulnerability detail (launchpad.net, Bug 178074)
https://bugs.launchpad.net/mailman/+bug/1780874
This vulnerability affects mailman 2.1.14+j7. The patch attached in bug report
at launchpad.net is one for rev 1768 (between 2.1.26 release and 2.1.27
release) and above, so I've made patch for 2.1.14+j7 (attached patch).
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list