Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted mailman 1:2.1.29-1+deb10u3 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
Date: Tue, 30 Nov 2021 20:47:20 +0000
Signed by: Salvatore Bonaccorso <carnil@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 20 Nov 2021 15:17:30 +0100
Source: mailman
Architecture: source
Version: 1:2.1.29-1+deb10u3
Distribution: buster
Urgency: medium
Maintainer: Mailman for Debian <pkg-mailman-hackers@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 1000367
Changes:
 mailman (1:2.1.29-1+deb10u3) buster; urgency=medium
 .
   * Non-maintainer upload by the Security Team.
   * Potential XSS attack via the user options page (CVE-2021-43331)
     (Closes: #1000367)
   * A list moderator can crack the list admin password encrypted in a CSRF
     token (CVE-2021-43332) (Closes: #1000367)
Checksums-Sha1: 
 7f5840ea075baffd8146ddcd58ca7def3d44c9b4 2238 mailman_2.1.29-1+deb10u3.dsc
 894ef361cfbfaa2aa197842cfdee70cec0e7db41 102272 mailman_2.1.29-1+deb10u3.debian.tar.xz
Checksums-Sha256: 
 2ad868bbb08a1fffa4268a6d47a632681469c1e9fcd08dd4fdbd2abcdab56a24 2238 mailman_2.1.29-1+deb10u3.dsc
 12a81077a71da232b922b5a30337933f493f0e5cb8c58d38e72c0920aa56e5e0 102272 mailman_2.1.29-1+deb10u3.debian.tar.xz
Files: 
 c330708c4ed894fcf0e2caacf3b64598 2238 mail optional mailman_2.1.29-1+deb10u3.dsc
 ee0969c52a29cbab6e28e31d09f0588d 102272 mail optional mailman_2.1.29-1+deb10u3.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmGbh3JfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EtcEP/j1bAD3Z0l80kLe5EPoB4YriwEjoQrzw
VxlQBLDZi/w3kCk8ZCPwt+9EQYv3ypR6Wm5EeFalK++aMstat56yx8VmxIuDTbF/
6cw+Tfi8W8Ba7bKOpxnNuT4Omkqi/GOikdDTEM1t3XEquBg7xblwpjFfO8x6DDo8
Z7tyGlAM2M+TH768kuaQBNBGgnvDvVLIcXfv5VghqB9+iR+RSg9sLs4BCqj96fnf
FTnGkwLKVjB3+ZfD8GE3gJAnl461Xui5z4JKNhrJxlrcsw7d25FOi1ZKRO+IsNZV
u7Qn/G07V5opcbbGPhEr1WASNPylwYcX+VlZVDCpAb8cXJGSOh7YhQX9pmf7hwc0
le4kieOYhxhCfKq7udWNMduRCkisPG2rEIgZ4MhD5ZXoPN/r3A7GSdsQqcI4SP60
wwOEwQZpDQsIaS1IvDmOaocMXXqSBo5huVLpZlPcbJRHrkBVHuuBaW0ohg/0h6p5
mR5Zi3QDMc1VJ1cfWfmkaJgcMmpvbLJJjGej7Cv3y98uY4XSopsGtzDjIzOKrqds
nzVzXcAxByPuKr3eO4al3TfbG4KumYDirXL3znIHyVautZZoU10JAW3BEomPZuIp
V4x2swjt6MtePlUCp9yZdJWrxHWk0uEUrp04b4sJ3hPRkb671L3ZmRfWu5lER4ly
YCEbYRp9oi2F
=sfBC
-----END PGP SIGNATURE-----

News for package mailman