You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa mailman

Sigurnosni nedostatak programskog paketa mailman

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2018-07-23 21:23:45.816977

Name : mailman
Product : Fedora 28
Version : 2.1.26
Release : 4.fc28
Summary : Mailing list manager with built in Web access
Description :
Mailman is software to help manage email discussion lists, much like
Majordomo and Smartmail. Unlike most similar products, Mailman gives
each mailing list a webpage, and allows users to subscribe,
unsubscribe, etc. over the Web. Even the list manager can administer
his or her list entirely from the Web. Mailman also integrates most
things people want to do with mailing lists, including archiving, mail
<-> news gateways, and so on.

Documentation can be found in: /usr/share/doc/mailman

When the package has finished installing, you will need to perform some
additional installation steps, these are described in:

Update Information:

Add fix for CVE-2018-0618 (#1596459) —- Add fix for CVE-2018-0618 (#1596460)

* Mon Jul 2 2018 Pavel Zhukov <> – 3:2.1.26-4
– Add fix for CVE-2018-0618 (#1596459)
– Use proper bug

[ 1 ] Bug #1596458 – CVE-2018-0618 mailman: Cross-site scripting vulnerability allows malicious listowners to inject scripts into listinfo pages

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-f8fd4c5798’ at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to
Fedora Code of Conduct:
List Guidelines:
List Archives:

AutorDanijel Kozinovic
Cert idNCERT-REF-2018-07-0001-ADV
More in Preporuke
Sigurnosni nedostatak programskog paketa network-manager-vpnc

Otkriven je sigurnosni nedostatak u programskom paketu network-manager-vpnc za operacijski sustav Debian. Otkriveni nedostatak potencijalnim lokalnim napadačima omogućuje izvršavanje proizvoljnog...