Activity log for bug #1780874
Date | Who | What changed | Old value | New value | Message |
---|---|---|---|---|---|
2018-07-09 23:16:13 | Mark Sapiro | bug | added bug | ||
2018-07-23 14:04:16 | Mark Sapiro | cve linked | 2018-13796 | ||
2018-07-23 14:13:18 | Launchpad Janitor | branch linked | lp:mailman/2.1 | ||
2018-07-23 14:24:33 | Mark Sapiro | attachment added | Patch to fix this issue https://bugs.launchpad.net/mailman/+bug/1780874/+attachment/5166712/+files/1780874.patch | ||
2018-07-23 14:25:07 | Mark Sapiro | information type | Private Security | Public | |
2018-07-23 15:06:44 | Mark Sapiro | mailman: status | In Progress | Fix Released | |
2018-07-23 19:17:09 | Mark Sapiro | description | A URL with a very long text listname such as http://www.example.com/mailman/listinfo/This_is_a_long_string_with_some_phishing_text will echo the text in the "No such list" error response. This can be used to make a potential victim think the phishing text comes from a trusted site. | A URL with a very long text listname such as http://www.example.com/mailman/listinfo/This_is_a_long_string_with_some_phishing_text will echo the text in the "No such list" error response. This can be used to make a potential victim think the phishing text comes from a trusted site. This issue was discovered by Hammad Qureshi <Hammad.Qureshi@dig8labs.com>. | |
2018-07-24 22:38:40 | Mark Sapiro | attachment removed | Patch to fix this issue https://bugs.launchpad.net/mailman/+bug/1780874/+attachment/5166712/+files/1780874.patch | ||
2018-07-24 22:44:08 | Mark Sapiro | attachment added | Updated patch to fix this issue https://bugs.launchpad.net/mailman/+bug/1780874/+attachment/5167324/+files/patch.txt |