Synopsis: Moderate: mailman security and bug fix update
Advisory ID: SLSA-2020:1054-1
Issue Date: 2020-04-07
CVE Numbers: CVE-2018-0618
CVE-2018-13796
—
* mailman: Cross-site scripting vulnerability allows malicious listowners
to inject scripts into listinfo pages
* mailman: Mishandled URLs in Utils.py:GetPathPieces() allows attackers to
display arbitrary text on trusted sites
—
SL7
x86_64
mailman-2.1.15-30.el7.x86_64.rpm
mailman-debuginfo-2.1.15-30.el7.x86_64.rpm
– Scientific Linux Development Team
