Re: [Mailman-Users] Mailman Security Patch Announcement

2011-02-18 Thread Mark Sapiro
On 2/18/2011 8:01 AM, Mark Sapiro wrote: > > The patch is attached as confirm_xss.patch.txt. > This list's content filtering stripped the patch's signature part. For those who would want to verify the signature, I am resending the patch here as a PGP MIME format message which should pass content

Re: [Mailman-Users] Mailman Security Patch Announcement

2011-02-18 Thread Mark Sapiro
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2/13/2011 1:58 PM, Mark Sapiro wrote: > An XXS vulnerability affecting Mailman 2.1.14 and prior versions has > recently been discovered. A patch has been developed to address this > issue. The patch is small, affects only one module and can be appli

[Mailman-Users] Mailman Security Patch Announcement

2011-02-13 Thread Mark Sapiro
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 An XXS vulnerability affecting Mailman 2.1.14 and prior versions has recently been discovered. A patch has been developed to address this issue. The patch is small, affects only one module and can be applied to a live installation without requiring a r