SUSE-SU-2018:1638-1 -- SLES mailmanID: oval:org.secpod.oval:def:89002028 | Date: (C)2021-02-26 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for mailman to version 2.1.15 fixes the following issues: - CVE-2016-6893: Prevent cross-site request forgery vulnerability in the user options page that allowed remote attackers to hijack the authentication of arbitrary users for requests that modify an option . - Various other hardenings against CSFR attacks For details please see https://launchpad.net/mailman/+milestone/2.1.15
Platform: |
SUSE Linux Enterprise Server 11 SP4 |