GNU Mailman Admin Page Multiple Cross-Site Scripting Vulnerabilities

Solution:
This issue has been addressed in GNU Mailman 2.1.4.

Red Hat has released an advisory (FEDORA-2004-060) and fixes to address these issues in Fedora Linux. Users may apply these fixes using the "up2date" utility. Alternatively Fedora users may apply the fixes manually, fixes are linked below.

RedHat has released an advisory RHSA-2004:020-02 to address these issues. Please see the advisory in web references for more information.

Mandrake has released advisory MDKSA-2004:013 and fixes to address this issue.

Debian has released advisory 436-2 to address these issues. Please see the referenced advisories for more information.

Conectiva has released an advisory (CLA-2004:842) to address this and other issues. Please see the referenced advisory for more information.

Fixes:


Red Hat Fedora Core1

GNU Mailman 2.0 .3

GNU Mailman 2.0 .7

GNU Mailman 2.0 .2

GNU Mailman 2.0 .5

GNU Mailman 2.0

GNU Mailman 2.0 .1

GNU Mailman 2.0 .8

GNU Mailman 2.0 .6

GNU Mailman 2.0.1

GNU Mailman 2.0.10

GNU Mailman 2.0.11

GNU Mailman 2.0.12

GNU Mailman 2.0.13

GNU Mailman 2.0.2

GNU Mailman 2.0.3

GNU Mailman 2.0.4

GNU Mailman 2.0.5

GNU Mailman 2.0.6

GNU Mailman 2.0.7

GNU Mailman 2.0.8

GNU Mailman 2.0.9

GNU Mailman 2.1

GNU Mailman 2.1.1

GNU Mailman 2.1.10 b1

GNU Mailman 2.1.3


 

Privacy Statement
Copyright 2010, SecurityFocus