FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
739948e3-78bf-11e8-b23c-080027ac955c	mailman -- hardening against malicious listowners injecting evil HTML scripts Mark Sapiro reports: Existing protections against malicious listowners injecting evil scripts into listinfo pages have had a few more checks added. A few more error messages have had their values HTML escaped. The hash generated when SUBSCRIBE_FORM_SECRET is set could have been the same as one generated at the same time for a different list and IP address. Discovery 2018-03-09 Entry 2018-06-25 mailman < 2.1.27 mailman-with-htdig < 2.1.27 ja-mailman < 2.1.14.j7_5,1 https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/head:/NEWS#L8 https://www.mail-archive.com/mailman-users@python.org/ CVE-2018-0618

VuXML ID

Description

739948e3-78bf-11e8-b23c-080027ac955c

mailman -- hardening against malicious listowners injecting evil HTML scripts

Mark Sapiro reports:

Existing protections against malicious listowners injecting evil scripts into listinfo pages have had a few more checks added.

A few more error messages have had their values HTML escaped.

The hash generated when SUBSCRIBE_FORM_SECRET is set could have been the same as one generated at the same time for a different list and IP address.

Discovery 2018-03-09
Entry 2018-06-25
mailman

< 2.1.27

mailman-with-htdig

< 2.1.27

ja-mailman

< 2.1.14.j7_5,1

https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/head:/NEWS#L8
https://www.mail-archive.com/mailman-users@python.org/
CVE-2018-0618