[Centos] full-d] Administrivia: List Compromised due to Mailman Vulnerability (fwd)
seth vidal
skvidal at phy.duke.eduWed Feb 9 19:53:32 UTC 2005
- Previous message: [Centos] full-d] Administrivia: List Compromised due to Mailman Vulnerability (fwd)
- Next message: [Centos] full-d] Administrivia: List Compromised due to Mailman Vulnerability (fwd)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wed, 2005-02-09 at 14:41 -0500, R P Herrold wrote: > Sorry for the cross post, but this is an important one > potentially affecting all recipients. > > This just crossed the Full Disclosure mailman moderated > mailing list. It bears a careful read, and thought about > whether a response is needed. > > The implication is that if there is any use of a mailman > password in common with a password you 'care' about, you need > to take appropriate action at once. Also some backends merge > Bugzilla and mailman password stores, which can cause > unexpected secondary effects. > > I have not seen a patch yet, and so one has to assume that the > configs and passwords for all mailman moderated mailing lists > are compromised. Once a fix issues, Mailman moderators will > want to do a global password change, and local list > modification. > the patch to mailman came out weeks ago unless this is a new password exposure bug. -sv
- Previous message: [Centos] full-d] Administrivia: List Compromised due to Mailman Vulnerability (fwd)
- Next message: [Centos] full-d] Administrivia: List Compromised due to Mailman Vulnerability (fwd)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list