[Pkg-mailman-hackers] Re: Mailman DoS CVE-2005-3573, debbug #339095
Lionel Elie Mamane
lmamane at debian.org
Sat Jan 21 00:54:57 UTC 2006
(second try with CC to the _right_ mailman maintainers list)
On Fri, Jan 20, 2006 at 09:50:45AM -0500, Michael Stone wrote:
> This fell through the cracks; is there anything else that should be
> added or is it read to go?
I'm not aware of any additional security issue. Be sure to apply the
_second_ patch I sent to the list (that adds
debian/patches/70_invalid_utf8_dos.dpatch and
debian/patches/71_date_overflows.dpatch) in
http://lists.debian.org/debian-security/2005/12/msg00032.html (and not
the first in
http://lists.debian.org/debian-security/2005/12/msg00030.html) and
read http://lists.debian.org/debian-security/2005/12/msg00033.html,
which gives the right CVE number for the second issue. (I forgot to
put it in the changelog in the patch.)
--
Lionel
More information about the Pkg-mailman-hackers
mailing list