Updated mailman packages fix security vulnerabilities
Publication date: 11 May 2015Modification date: 11 May 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-2775
Description
Updated mailman packages fix security vulnerability: A path traversal vulnerability was discovered in Mailman. Installations using a transport script (such as postfix-to-mailman.py) to interface with their MTA instead of static aliases were vulnerable to a path traversal attack. To successfully exploit this, an attacker needs write access on the local file system (CVE-2015-2775).
References
SRPMS
4/core
- mailman-2.1.20-1.1.mga4