-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 01 Sep 2016 19:51:15 +0100 Source: mailman Binary: mailman Architecture: source amd64 Version: 1:2.1.15-1+deb7u2 Distribution: wheezy-security Urgency: high Maintainer: Mailman for Debian <pkg-mailman-hackers@lists.alioth.debian.org> Changed-By: Chris Lamb <lamby@debian.org> Description: mailman - Powerful, web-based mailing list manager Closes: 835970 Changes: mailman (1:2.1.15-1+deb7u2) wheezy-security; urgency=high . * CVE-2016-6893: Fix CSRF vulnerability associated in the user options page which could allow an attacker to obtain a user's password. (Closes: #835970) Checksums-Sha1: 08ff82cff9e1efa0b9155245fb972a024849f344 2030 mailman_2.1.15-1+deb7u2.dsc 462ac96331491c76aca0128d8f9ced18c50a75d7 8468107 mailman_2.1.15.orig.tar.gz 7df2ca62fb4c7944f564e5484f5172eb5a72dbc5 100674 mailman_2.1.15-1+deb7u2.debian.tar.gz 06e2fc1de903f897f1d1ecc55e90a824c61dd95f 10156984 mailman_2.1.15-1+deb7u2_amd64.deb Checksums-Sha256: bb0ceb6abf8dfe1868a3894245a20744685ebdf6124f2941cc466b61052e71ff 2030 mailman_2.1.15-1+deb7u2.dsc f355fb3d31772b488449e6f5173dafd31edca93172c307244c791d25d9e2bec8 8468107 mailman_2.1.15.orig.tar.gz a87f237ade0c728887d65ebcf57b7275a17ca13fce5be86f19df8a4d246217cf 100674 mailman_2.1.15-1+deb7u2.debian.tar.gz 505150147f1eb1f93a3cf94c343c16e35fecfc96ce517aecc4381824dab21c19 10156984 mailman_2.1.15-1+deb7u2_amd64.deb Files: 00f8534d391d8bb6661325f8c7e812f8 2030 mail optional mailman_2.1.15-1+deb7u2.dsc 7d207489e8e9de0727cb334d46029833 8468107 mail optional mailman_2.1.15.orig.tar.gz 0bdad873604e43a2fe4f780d68a0f05f 100674 mail optional mailman_2.1.15-1+deb7u2.debian.tar.gz 4866893e09ad2a614df8cbf89262d66d 10156984 mail optional mailman_2.1.15-1+deb7u2_amd64.deb -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJXyT8eAAoJEB6VPifUMR5YGx8P/Anbmq+HLBlKGSkU9B1lRoFI qXPEclMc7oxRnuN0Z60qz+rw/VML8M/I3RRBGsuy10110QdEGsqVw0VWmL4UKCJY gPn9UNPRZgx2OORm+/gCookSqo+2ZRj8UxZY8lXmtGhTIBlplNTAUqnitjCIRIux H3P10bQ9YE0q+BYUh3oh5RGbwqVaeFwwJdfCvRZ4G9drvd3UUl83ssiiUnJbT2t9 R9G4XHYUzeupsYNvqIHGCOn6Ch5+MSlpjtV0o5557f4vNtq4wt/1DzolSk2clKQA qk+6zDWE2JsJQSVJYmRWin4UTHmxEB84NzKNEsAJC/LleJT/Kc4fGtQt8xDHH41v JzI0YRdOouKhBUZVsUcZdjnHagjVvGleYtCA3WzS7sQBLpuV/8w7BsNJr7Clv/d7 VTk747lEOc0HL9CNwhJ6jFXdQswPPmbIJNXMoXURadQhz2TD3P0/IWMvp2pVWxeF xYaGIC1b4GL1c+8VD7aYYcTmPg9A1WmwLeF0qvSncY58V6tHl6a7euJgStlpCoeQ adRMc9jsqYg0Clh+9u/yuxfx/DH1AnjcX74qxPGIo8SjKQKSH9D1Vip+b/mbQNPb kLxK86xoBOAwo6Q6DuK2vVv+mNn4tP5AkphzIXosMiePyor6veYP0YM2Sm8jWVNz byOevecJXM7O2OmSuUfu =RCCB -----END PGP SIGNATURE-----