-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 06 Apr 2015 15:36:15 +0000 Source: mailman Binary: mailman Architecture: source amd64 Version: 1:2.1.18-2 Distribution: unstable Urgency: high Maintainer: Mailman for Debian <pkg-mailman-hackers@lists.alioth.debian.org> Changed-By: Thijs Kinkhorst <thijs@debian.org> Description: mailman - Powerful, web-based mailing list manager Closes: 781626 Changes: mailman (1:2.1.18-2) unstable; urgency=high . * Fix security issue: path traversal through local_part. Affects installations which use an Exim or Postfix transport instead of fixed aliases; attacker needs to be able to place files on the local filesystem. (CVE-2015-2775, Closes: 781626) Checksums-Sha1: 6cf7e1c8564f4a7b5cbad45a31d0e668d82ef010 1697 mailman_2.1.18-2.dsc 224a12136519bf0b3c1c4b8de62d37cd1a9eee4a 103968 mailman_2.1.18-2.debian.tar.xz f2bd682a476df319677d6f5471f8f7bb75fc0bda 4349946 mailman_2.1.18-2_amd64.deb Checksums-Sha256: 141626fdcc78e574a4e916624d8bc909668973e0e751226bf049b0183acdfc2e 1697 mailman_2.1.18-2.dsc f40bf863a71d44dd6900232b922fa65f5d48443d591dfe77260fbe50da04094a 103968 mailman_2.1.18-2.debian.tar.xz a25b96f34b457ccd1f4943f8926ecffe76f8591bf511f9800c034d4cb163d429 4349946 mailman_2.1.18-2_amd64.deb Files: ad6dd3c21ec46a21a251fc75a1aa69de 1697 mail optional mailman_2.1.18-2.dsc 226a349c0304459d725db61175a708a8 103968 mail optional mailman_2.1.18-2.debian.tar.xz fb9dee73a62e64bfcf265509f617384b 4349946 mail optional mailman_2.1.18-2_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJVIqpwAAoJEFb2GnlAHawEB7AIAIqQM68u8EwoZqw0KtDN7Cr1 3IPfXEzMiRzmuxYTilT12jC6SDaBJCQdeaChgoN0Yt2N3WJnLTOjWdW/a6INjX21 wmbIDWmovWDyq10CX7R9W9VG6jX/+gRske0jQYL2keT4EAEHqG3FV0kijxbGXDj8 PXZ6p6wAaVRZkMPGWXCgOGqG9/EF93XBvlKw3T3mK0oGijlpi9yZo/Z6FjiYmcLO iSDcqt0W9h1t1vGfksuu8g31sMBLLLHeb/B7ODneX6l1OTZD7vqVkZJ4rG00z9fd QqX6HS13/AkVA+XxtMmflBFxeEOiJZVlCf6BNwi3BtjxEXwNcvduN5OIDTstfno= =JUUL -----END PGP SIGNATURE-----
