Activity log for bug #1747209

| Date | Who | What changed | Old value | New value | Message |
| --- | --- | --- | --- | --- | --- |
| 2018-02-03 23:34:27 | Mark Sapiro | bug | | | added bug |
| 2018-02-03 23:34:27 | Mark Sapiro | attachment added | | Patch to fix this issue https://bugs.launchpad.net/bugs/1747209/+attachment/5048344/+files/options.patch | |
| 2018-02-03 23:35:47 | Mark Sapiro | cve linked | | 2018-5950 | |
| 2018-02-03 23:36:47 | Mark Sapiro | description | CVE-2018-5950 A crafted URL for a user options page can cause a browser to execute arbitrary script encoded in the URL. Also, in developing a fix for this issue it was discovered that a user options URL with a VARHELP query fragment would display the user options page without requiring login. No changes could be made and the settings revealed are not particularly sensitive, but this could be used to fish for membership on a list with a private roster. | CVE-2018-5950 A crafted URL for a user options page can cause a browser to execute arbitrary script encoded in the URL. Also, in developing a fix for this issue it was discovered that a user options URL with a VARHELP query fragment would display the user options page without requiring login. No changes could be made and the settings revealed are not particularly sensitive, but this could be used to fish for membership on a list with a private roster. Thanks to Calum Hutton for the original report. | |
| 2018-02-04 17:21:35 | Launchpad Janitor | branch linked | | lp:mailman/2.1 | |
| 2018-02-04 17:25:18 | Mark Sapiro | information type | Private Security | Public | |
| 2018-02-04 17:55:16 | Jim Popovitch | bug | | | added subscriber Jim Popovitch |
| 2018-02-04 18:11:53 | Mark Sapiro | mailman: status | In Progress | Fix Released | |