← Back to branch summary

~mailman-coders/mailman/2.1

« back to all changes in this revision

Viewing changes to NEWS

  • Committer: Mark Sapiro
  • Date: 2018-06-25 02:50:53 UTC
  • Revision ID: mark@msapiro.net-20180625025053-ptrzria2xiu0hqlt
Added a CVE reference.

Show diffs side-by-side

added added

removed removed

Lines of Context:
NEWS
11
11
 
12
12
    - Existing protections against malicious listowners injecting evil
13
13
      scripts into listinfo pages have had a few more checks added.
14
 
      JVN#00846677/JPCERT#97432283
 
14
      JVN#00846677/JPCERT#97432283/CVE-2018-0618
15
15
 
16
16
    - A few more error messages have had their values HTML escaped.
17
 
      JVN#00846677/JPCERT#97432283
 
17
      JVN#00846677/JPCERT#97432283/CVE-2018-0618
18
18
 
19
19
    - The hash generated when SUBSCRIBE_FORM_SECRET is set could have been
20
20
      the same as one generated at the same time for a different list and