Ubuntu Security Notice USN-242-1
16th January, 2006
mailman vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 5.10
- Ubuntu 5.04
- Ubuntu 4.10
Details
Aliet Santiesteban Sifontes discovered a remote Denial of Service
vulnerability in the attachment handler. An email with an attachment
whose filename contained invalid UTF-8 characters caused mailman to
crash. (CVE-2005-3573)
Mailman did not sufficiently verify the validity of email dates. Very
large numbers in dates caused mailman to crash. (CVE-2005-4153)
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 5.10:
- mailman
- Ubuntu 5.04:
- mailman
- Ubuntu 4.10:
- mailman
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
None