Hi!
Am Fri, Feb 11, 2005 at 10:06:55AM +0900, Tokio Kikuchi schrieb:
> >Python 1 (respective at least 1.5.2) complains about syntax
> >errors. (Which, in fact, also helps against the vulnerability by
> >displaying the "You've found a Mailman bug" page. ;-)
>
> Change the true_path function as:
>
To answer a few recent questions.
To the best of my knowledge the patch is safe for any version of mailman
that contains the function true_path in private.py.
You will not see a new .pyc or .pyo file generated until the script is
executed for the first time after the change. In other words until
OK, thanks. With no modifications it did not apply, but I can probably get it
to work. It shouldn't cause any issues w/ 2.1 should it?
Thanks.
Quoting Ralf Hildebrandt <[EMAIL PROTECTED]>:
* AJ <[EMAIL PROTECTED]>:
Can this be applied to any 2.1 release?
I am running 2.1 at the moment.
The patch
* AJ <[EMAIL PROTECTED]>:
> Can this be applied to any 2.1 release?
> I am running 2.1 at the moment.
The patch is very small, so I'd think yes.
--
Ralf Hildebrandt (i.A. des IT-Zentrum) [EMAIL PROTECTED]
Charite - Universitätsmedizin BerlinTel. +49 (0)30-450 570-155
Gemeins
Can this be applied to any 2.1 release?
I am running 2.1 at the moment.
Thanks.
> Until Mailman 2.1.6 is released, the longer term fix is to apply this
> patch:
>
> http://www.list.org/CAN-2005-0202.txt
--
Mailman-Users mailing list
Mailm
There is a critical security flaw in Mailman 2.1.5 and earlier Mailman
2.1 versions which can allow remote attackers to gain access to member
passwords under certain conditions. The extent of the vulnerability
depends on what version of Apache you are running, and (possibly) how
you have configure
