Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 3134-1] sympa security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 3134-1] sympa security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Salvatore Bonaccorso <carnil AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 3134-1] sympa security update
  • Date: Tue, 20 Jan 2015 20:51:06 +0000
  • List-archive: <https://service.piratenpartei.de/pipermail/it-securitynotifies>
  • List-id: Sicherheitsankündigungen <it-securitynotifies.lists.piratenpartei.de>
  • Old-return-path: <carnil AT master.debian.org>
  • Priority: urgent
  • Resent-date: Tue, 20 Jan 2015 20:51:57 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <hfyOSwU5u4B.A.eyB.t_rvUB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3134-1 security AT debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
January 20, 2015 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : sympa

A vulnerability has been discovered in the web interface of sympa, a
mailing list manager. An attacker could take advantage of this flaw in
the newsletter posting area, which allows sending to a list, or to
oneself, any file located on the server filesystem and readable by the
sympa user.

For the stable distribution (wheezy), this problem has been fixed in
version 6.1.11~dfsg-5+deb7u2.

For the upcoming stable distribution (jessie), this problem will be
fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 6.1.23~dfsg-2.

We recommend that you upgrade your sympa packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJUvr98AAoJEAVMuPMTQ89E9YEQAIrc76Jm5KKennU4THbef6ES
y07FqUbZ+zV0pKynLrQCMJsCaxkBFaa6qJlkX1i+MwfU0U5m/iI1xVU6ucRPR5K+
IkiH/R4izhtv/wN708dOuV5sD3hLSiBzDKSYZffs4gJ1D9rNm8ARxCYU5bVIVJFG
X/5eIATssoq4S0ttdYo1rQONsj8vUucivJyzFhaRGC0s5FeBpFTmQ6gVB6guE5Cu
hNnYlVrKrEqTksYX/pQsGQxG9YhFfnpcTl/Ufdn+wzKQnYix6RUH+8om6oWF+Xs3
1gVr6+dHzCS6h2fLzbX/Jn5F5o7o610+Xcrvw9Bq0GHOHdxEhZpcSzXS8ealXbeq
76Y3cgH7jOm3Y6Cltbu/awHD9zw6t5HqlVwNc2lfLCKDSao0YAUou2F2y4GuU8Tr
E6EiJ8UAsOjCXjn/7tk0pNaK3JHLMY/x20tOYPcS4W9vjxu63P4EmRdsfr9Sz8c9
bT+/V9UnR4P/ZE0hCuApjwWMyI/wOWw4qay1ar5KDvOoIGx/a9j4sX5BlxMv9m4H
g1aHxP03xLK4ost6wZ2lqpWVW5ExLqYZkU3dou3A6Tpv0xaStnMOwgWWa3CTYd1X
jztVTiSAJcVdjtzGZETq1DPXzlvVnHhJp+E/HuDYJ/bSnNYtR+oYXJ1KMObRDjpW
t8MYmOXE+qJKld6nNjrY
=sKvH
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST AT lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster AT lists.debian.org
Archive: E1YDflS-0007td-4D AT master.debian.org">https://lists.debian.org/E1YDflS-0007td-4D AT master.debian.org



  • [IT-SecNots] [SECURITY] [DSA 3134-1] sympa security update, Salvatore Bonaccorso, 20.01.2015

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang