Skip to Content.
Sympa Menu

fr - Sympa 4.1.2 fixes vulnerabilities

Subject: Pour les administrateurs de serveurs de listes utilisant le logiciel Sympa

List archive

Chronological Thread  
  • From: Olivier Salaun - CRU <address@concealed>
  • To: address@concealed, address@concealed, address@concealed
  • Subject: Sympa 4.1.2 fixes vulnerabilities
  • Date: Thu, 24 Jun 2004 10:50:02 +0200

We just released Sympa 4.1.2 : http://www.sympa.org/distribution/
This version is based on Sympa 4.1 stable CVS branch and only provides fixes for known bugs and vulnerabilites listed below :
  • Listmaster approval could be bypassed to create a list. This fulnerability affects all 2.x, 3.x and 4.x Sympa versions.
  • Moderation from the web interface failed with some invalid MIME messages
  • List directory was not created in the right place if robot was also the default host.
  • Failed to remove list directory (while purging)
  • Escape single quotes in archives search engine ((could cause a 500 error)
A more detailed changelog is available : http://www.sympa.org/release.html

We are working, in parallel, on the next Sympa version that will use TT2 template format (http://www.tt2.org/) and with a single message catalogue (in PO format) for each language.
-- 
Olivier Salaün
Comité Réseau des Universités
-------------------------------------------
Validation signature / Trusting  signature: --> http://igc.cru.fr/trust.html
------------------------------------------- 

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature



  • Sympa 4.1.2 fixes vulnerabilities, Olivier Salaun - CRU, 06/24/2004

Archive powered by MHonArc 2.6.19+.

Top of Page