This update for mailman to version 2.1.15 fixes the following issues: - CVE-2016-6893: Prevent cross-site request forgery vulnerability in the user options page that allowed remote attackers to hijack the authentication of arbitrary users for requests that modify an option . - Various other hardenings against CSFR attacks For details please see https://launchpad.net/mailman/+milestone/2.1.15