mailman Security update for mailman Sicherheitsupdate für mailman This update of mailman fixes the following security issues: - A malicious user could visit a specially crafted URI and inject an apparent log message into Mailman's error log which might induce an unsuspecting administrator to visit a phishing site. This has been blocked. Thanks to Moritz Naumann for its discovery. - Fixed denial of service attack which can be caused by some standards-breaking RFC 2231 formatted headers. CVE-2006-2941. - Several cross-site scripting issues have been fixed. Thanks to Moritz Naumann for their discovery. CVE-2006-3636 - Fixed an unexploitable format string vulnerability. Discovery and fix by Karl Chen. Analysis of non-exploitability by Martin 'Joey' Schulze. Also thanks go to Lionel Elie Mamane. CVE-2006-2191. Mit diesm Update von mailman wurden mehrere Sicherheitsprobleme behoben: - die Fehlerlogs können irreführende Einträge enthalten - mögliche Denial-of-Service Angriffe, CVE-2006-2941 - mögliche Cross-Site-Scripting Probleme, CVE-2006-3636 - ein Format-String Fehler (nicht exploitbar), CVE-2006-2191 security mailman i586 e00799172b6cadb5f1b69b2f684b1722534eae4b mailman ppc aacd6bf9fdb26fd1910f5824b75f1af42421cb77 mailman x86_64 ae83468a1f1f8e51eeaffb944a872eef9048e024