Advisories ยป MGASA-2015-0085

Updated sympa packages fix CVE-2015-1306

Publication date: 26 Feb 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-1306


Updated sympa packages fix security vulnerability:

A vulnerability have been discovered in Sympa web interface that allows access
to files on the server filesystem. This breach allows to send to a list or a
user any file readable by the Sympa user, located on the server filesystem,
using the Sympa web interface newsletter posting area (CVE-2015-1306).