new mailman for FC2, security, fixes password retreval vulnerability
Phil Anderson
pza at pza.net.au
Thu Jul 8 21:51:30 UTC 2004
On Fri, 2004-07-09 at 00:58 +1000, Bradley Tate wrote:
> Me too. If anyone has a solution to this problem I'd also appreciate
> hearing about it.
John Denis from Redhat sent this to me and the list, but for some reason
it didn't come through on the list. I have been running with this patch
on for the last 5 days, and it fixed the problem.
On Sat, 2004-07-03 at 11:51 -0400, John Dennis wrote:
Jim Tittsler kindly provided this exmplanation to me.
I have not yet had a chance to investigate, but it may help you.
It is because it assumes there is always at least one dummy
entry in the admin queue (containing the version number). A
patch to fix the problem is on SourceForge:
<http://sourceforge.net/tracker/index.php?func=detail&aid=970383&group_id=103&at
id=300103>
More information about the users
mailing list