Accéder au contenu.
Menu Sympa

fr - Sympa 4.1.2 fixes vulnerabilities

Objet : Pour les administrateurs de serveurs de listes utilisant le logiciel Sympa

Archives de la liste

Chronologique Discussions  
  • From: Olivier Salaun - CRU <adresse@cachée>
  • To: adresse@cachée, adresse@cachée, adresse@cachée
  • Subject: Sympa 4.1.2 fixes vulnerabilities
  • Date: Thu, 24 Jun 2004 10:50:02 +0200

We just released Sympa 4.1.2 : http://www.sympa.org/distribution/
This version is based on Sympa 4.1 stable CVS branch and only provides fixes for known bugs and vulnerabilites listed below :
  • Listmaster approval could be bypassed to create a list. This fulnerability affects all 2.x, 3.x and 4.x Sympa versions.
  • Moderation from the web interface failed with some invalid MIME messages
  • List directory was not created in the right place if robot was also the default host.
  • Failed to remove list directory (while purging)
  • Escape single quotes in archives search engine ((could cause a 500 error)
A more detailed changelog is available : http://www.sympa.org/release.html

We are working, in parallel, on the next Sympa version that will use TT2 template format (http://www.tt2.org/) and with a single message catalogue (in PO format) for each language.
-- 
Olivier Salaün
Comité Réseau des Universités
-------------------------------------------
Validation signature / Trusting  signature: --> http://igc.cru.fr/trust.html
------------------------------------------- 

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature



  • Sympa 4.1.2 fixes vulnerabilities, Olivier Salaun - CRU, 24/06/2004

Archives gérées par MHonArc 2.6.19+.

Haut de le page