USN-5121-2 -- mailman vulnerabilitiesID: oval:org.secpod.oval:def:76357 | Date: (C)2021-12-10 (M)2023-12-20 |
Class: PATCH | Family: unix |
mailman: Web-based mailing list manager Details: USN-5009-1 fixed vulnerabilities in Mailman. This update provides the corresponding updates for Linux Mint 20.x LTS. In addition, the following CVEs were fixed: It was discovered that Mailman allows arbitrary content injection. An attacker could use this to inject malicious content. It was discovered that Mailman improperly sanitize the MIME content. An attacker could obtain sensitive information by sending a special type of attachment. Original advisory Several security issues were fixed in Mailman.