Bug 6164

Summary: mailman possible security issue CVE-2002-0389
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED INVALID QA Contact:
Severity: normal    
Priority: Normal    
Version: 1   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/499162/
Whiteboard:
Source RPM: mailman-2.1.13-6.mga1.src.rpm CVE:
Status comment:

Description David Walser 2012-05-29 23:23:38 CEST 
SuSE has issued an advisory today (May 29):
http://lists.opensuse.org/opensuse-updates/2012-05/msg00043.html

Existence of this issue seems to be dependent on how it was packaged.

I don't know if this affects us.

More info is here:
https://bugzilla.redhat.com/show_bug.cgi?id=723584
Comment 1 David Walser 2012-06-14 21:36:51 CEST 
According to these lines in the SPEC, I don't believe we're affected:
# fix permissions mess
chmod -R go=u-ws %{buildroot}%{_libdir}/%{name}
chmod 750 %{buildroot}%{_var}/lib/%{name}/archives/private
...
%attr(-,%{uid},apache) %{_var}/lib/%{name}/archives/private

Resolution: (none) => INVALID
Status: NEW => RESOLVED