Bug 22550 - mailman new security issue CVE-2018-5950
Summary: mailman new security issue CVE-2018-5950
Status: NEW
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 6
Hardware: All
OS: Linux
Priority: Normal
Severity: normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: https://www.debian.org/security/2018/...
Whiteboard:
Keywords: has_procedure
Depends on:
Blocks:
 
Reported: 2018-02-10 08:22 CET by Zombie Ryushu
Modified: 2018-02-13 15:46 CET (History)

See Also:
Source RPM: mailman-2.1.24-1.mga7.src.rpm
CVE: CVE-2018-5950
Status comment: Fixed upstream in 2.1.26



Description Zombie Ryushu 2018-02-10 08:22:37 CET
Calum Hutton and the Mailman team discovered a cross site scripting and information leak vulnerability in the user options page. A remote attacker could use a crafted URL to steal cookie information or to fish for whether a user is subscribed to a list with a private roster.

 CVE-2018-5950
Zombie Ryushu 2018-02-10 08:22:55 CET

CVE: (none) => CVE-2018-5950

Comment 1 David Walser 2018-02-10 21:02:26 CET
Debian advisory from February 9:
https://www.debian.org/security/2018/dsa-4108

The issue is fixed upstream in 2.1.26.

Mageia 5 and Mageia 6 are also affected.

Whiteboard: (none) => MGA6TOO, MGA5TOO
Source RPM: mailman => mailman-2.1.24-1.mga7.src.rpm
Summary: DSA-4108-1 mailman -- security update CVE-2018-5950 => mailman new security issue CVE-2018-5950
Assignee: bugsquad => mrambo

Comment 2 David Walser 2018-02-10 21:14:00 CET
Ubuntu has issued an advisory for this on February 8:
https://usn.ubuntu.com/usn/usn-3563-1/
David Walser 2018-02-10 22:11:43 CET

Status comment: (none) => Fixed upstream in 2.1.26

Comment 3 Mike Rambo 2018-02-13 15:46:16 CET
Patched package uploaded for cauldron and Mageia 6.

Advisory:
========================

Updated mailman package fixes security vulnerability:

Calum Hutton and the Mailman team discovered a cross site scripting and information leak vulnerability in the user options page. A remote attacker could use a crafted URL to steal cookie information or to fish for whether a user is subscribed to a list with a private roster (CVE-2018-5950).


References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5950
https://www.debian.org/security/2018/dsa-4108
========================

Updated packages in core/updates_testing:
========================
mailman-2.1.23-2.1.mga6

from mailman-2.1.23-2.1.mga6.src.rpm


Testing procedure: https://bugs.mageia.org/show_bug.cgi?id=8067#c24

Assignee: mrambo => qa-bugs
Version: Cauldron => 6
Whiteboard: MGA6TOO, MGA5TOO => (none)
Keywords: (none) => has_procedure

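An added version check (not part of this bug report or of the Mageia mailman packaging) for confirming that an installed mailman RPM is at or above the fixed builds named on this page: the Mageia 6 update mailman-2.1.23-2.1.mga6 from comment 3 and the upstream fix in 2.1.26 from the status comment. It assumes `rpm` is on the path and the package is named `mailman`; the rpmvercmp reimplementation is simplified (no tilde or caret handling, which these version strings do not use). The version strings in the tests are taken from this page; the mismatching ones are constructed.

```python
import re
import subprocess

# Fixed builds named on this bug page. Mageia 5 and cauldron are omitted because
# the page lists no fixed package for them.
FIXED_VERSIONS = {
    "mga6": "2.1.23-2.1.mga6",   # comment 3
    "upstream": "2.1.26",        # status comment
}

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpmvercmp(a, b):
    """Compare two RPM version (or release) strings like librpm's rpmvercmp.

    Simplified reimplementation (assumption: no tilde/caret support). Split
    into numeric and alphabetic segments; numerics compare by value, alphas
    lexically; a numeric segment sorts after an alphabetic one; when one
    string is a prefix of the other, the longer one is newer.
    Returns -1, 0 or 1.
    """
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        x_num, y_num = x.isdigit(), y.isdigit()
        if x_num and y_num:
            xi, yi = int(x), int(y)
            if xi != yi:
                return -1 if xi < yi else 1
        elif x_num != y_num:
            return 1 if x_num else -1
        elif x != y:
            return -1 if x < y else 1
    if len(sa) != len(sb):
        return -1 if len(sa) < len(sb) else 1
    return 0


def vr_cmp(a, b):
    """Compare 'VERSION-RELEASE' strings; a bare version has an empty release."""
    av, _, ar = a.partition("-")
    bv, _, br = b.partition("-")
    return rpmvercmp(av, bv) or rpmvercmp(ar, br)


def is_fixed(installed, fixed):
    """True when the installed VERSION-RELEASE is at or above the fixed one."""
    return vr_cmp(installed, fixed) >= 0


def installed_version(package="mailman"):
    """Query the local RPM database; None if rpm is missing or the package is absent."""
    try:
        out = subprocess.run(
            ["rpm", "-q", "--queryformat", "%{VERSION}-%{RELEASE}", package],
            capture_output=True, text=True, check=True,
        )
    except (OSError, subprocess.CalledProcessError):
        return None
    return out.stdout.strip()


if __name__ == "__main__":
    current = installed_version()
    if current is None:
        print("mailman is not installed (or rpm is unavailable)")
    else:
        for name, fixed in FIXED_VERSIONS.items():
            verdict = "fixed" if is_fixed(current, fixed) else "AFFECTED"
            print(f"{name}: installed {current} vs fixed {fixed}: {verdict}")
```

Compare against the entry that matches the package origin: a Mageia 6 backport such as 2.1.23-2.1.mga6 carries the fix but sorts below the upstream 2.1.26, so judging it by the upstream string alone would wrongly report it as affected.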
