Bugzilla – Bug 995352
VUL-0: CVE-2016-6893: mailman: CSRF protection needs to be extended to the user options page
Last modified: 2020-05-12 17:52:52 UTC
CVE-2016-6893
https://mail.python.org/pipermail/mailman-announce/2016-August/000225.html

Mark Sapiro mark at msapiro.net
Fri Aug 19 03:09:53 EDT 2016

There is a CSRF vulnerability associated with the user options page. This could conceivably allow an attacker to obtain a user's password. This is reported at <https://bugs.launchpad.net/mailman/+bug/1614841>.

I have developed a fix which is a small patch to two modules. I plan to release Mailman 2.1.23 with this and other fixes on Saturday, Aug 27 and also to post at the same time the patch which can be applied stand-alone.

Neither the bug report nor the fix reveals much detail about the attack, but to allay any concern, I'm delaying the release for a week to allow people to plan for installation of at least the patch at the time of release.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6893
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6893.html
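As an added example (not Mailman's code and not part of this bug report): the class of fix the title describes, an anti-CSRF token checked by the options-page handler before it accepts a password change, beside the unprotected handler it replaces. The token is an HMAC over list name, member address and issue time, so a form auto-submitted from another site (which carries the victim's cookie but cannot compute the MAC) is rejected. The handler names, the session dictionary, the secret and the forged form are all constructed for illustration.

```python
"""Added example: HMAC-based CSRF token for a list member's options page.
Not Mailman's implementation; names and the secret are assumptions."""
import hashlib
import hmac
import time

# Constructed server-side secret. In a real deployment this is a per-list
# secret that is never sent to the client.
LIST_SECRET = b"constructed-list-secret-do-not-reuse"
TOKEN_MAX_AGE = 3600  # seconds a token stays valid


def issue_token(listname, user, issued=None, secret=LIST_SECRET):
    """Return 'issued:mac', bound to (listname, user, issue time) via HMAC-SHA256."""
    if issued is None:
        issued = int(time.time())
    msg = "%s:%s:%d" % (listname, user, issued)
    mac = hmac.new(secret, msg.encode(), hashlib.sha256).hexdigest()
    return "%d:%s" % (issued, mac)


def check_token(token, listname, user, now=None, secret=LIST_SECRET):
    """True only if token was issued for this list and user and is not stale."""
    if now is None:
        now = int(time.time())
    try:
        issued_str, _mac = token.split(":", 1)
        issued = int(issued_str)
    except (AttributeError, ValueError):
        return False
    if not 0 <= now - issued <= TOKEN_MAX_AGE:
        return False
    expected = issue_token(listname, user, issued, secret)
    # Constant-time comparison; recomputing from the claimed issue time
    # means an attacker cannot forge the MAC without the secret.
    return hmac.compare_digest(expected, token)


def options_handler_vulnerable(form, session):
    """The 'before': any POST that arrives with the login cookie changes the password."""
    if not session.get("authenticated"):
        return 403, "not logged in"
    session["password"] = form["newpw"]  # session stands in for the member record
    return 200, "password changed"


def options_handler_fixed(form, session):
    """The 'after': the same change additionally requires a valid CSRF token."""
    if not session.get("authenticated"):
        return 403, "not logged in"
    token = form.get("csrf_token", "")
    if not check_token(token, session["listname"], session["user"]):
        return 403, "CSRF check failed"
    session["password"] = form["newpw"]
    return 200, "password changed"


def demo():
    """Replay a constructed cross-site form against both handlers."""
    session = {"authenticated": True, "listname": "testlist",
               "user": "alice@example.invalid", "password": "old"}
    # A page on attacker.invalid can auto-submit this form; the browser attaches
    # the victim's cookie, but the attacker cannot compute a valid token.
    forged = {"newpw": "attacker-chosen"}
    results = {}
    results["vulnerable"] = options_handler_vulnerable(forged, dict(session))[0]
    results["fixed_forged"] = options_handler_fixed(forged, dict(session))[0]
    # The legitimate options page renders a fresh token into its own form.
    legit = {"newpw": "user-chosen",
             "csrf_token": issue_token(session["listname"], session["user"])}
    results["fixed_legit"] = options_handler_fixed(legit, dict(session))[0]
    # A token issued for another list does not transfer to this one.
    other = {"newpw": "x", "csrf_token": issue_token("otherlist", session["user"])}
    results["fixed_other_list"] = options_handler_fixed(other, dict(session))[0]
    return results


if __name__ == "__main__":
    print(demo())
```

The point of binding the token to list and member is that a token an attacker obtains for their own subscription on the same server is useless against another member's options page; the expiry bounds how long a leaked token remains replayable.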
https://bugs.launchpad.net/mailman/+bug/1614841

> What versions?

All Mailman 2.1.x prior to 2.1.23. However, versions older than 2.1.15 are also vulnerable to CSRF attacks on the admin web interface.
bugbot adjusting priority
setting to current maintainer.
SUSE-SU-2018:1638-1: An update that fixes one vulnerability is now available.
Category: security (moderate)
Bug References: 995352
CVE References: CVE-2016-6893
Sources used:
SUSE Linux Enterprise Server 11-SP4 (src): mailman-2.1.15-9.6.3.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src): mailman-2.1.15-9.6.3.1
SUSE-SU-2018:4296-1: An update that fixes 5 vulnerabilities is now available.
Category: security (important)
Bug References: 1077358, 1099510, 1101288, 925502, 995352
CVE References: CVE-2015-2775, CVE-2016-6893, CVE-2018-0618, CVE-2018-13796, CVE-2018-5950
Sources used:
SUSE OpenStack Cloud 7 (src): mailman-2.1.17-3.3.3
SUSE Linux Enterprise Server for SAP 12-SP2 (src): mailman-2.1.17-3.3.3
SUSE Linux Enterprise Server for SAP 12-SP1 (src): mailman-2.1.17-3.3.3
SUSE Linux Enterprise Server 12-SP4 (src): mailman-2.1.17-3.3.3
SUSE Linux Enterprise Server 12-SP3 (src): mailman-2.1.17-3.3.3
SUSE Linux Enterprise Server 12-SP2-LTSS (src): mailman-2.1.17-3.3.3
SUSE Linux Enterprise Server 12-SP2-BCL (src): mailman-2.1.17-3.3.3
SUSE Linux Enterprise Server 12-SP1-LTSS (src): mailman-2.1.17-3.3.3
SUSE Linux Enterprise Server 12-LTSS (src): mailman-2.1.17-3.3.3
SUSE Enterprise Storage 4 (src): mailman-2.1.17-3.3.3
SUSE-SU-2019:13924-1: An update that fixes 5 vulnerabilities is now available.
Category: security (important)
Bug References: 1077358, 1099510, 1101288, 925502, 995352
CVE References: CVE-2015-2775, CVE-2016-6893, CVE-2018-0618, CVE-2018-13796, CVE-2018-5950
Sources used:
SUSE Linux Enterprise Server 11-SP4 (src): mailman-2.1.15-9.6.6.1
SUSE Linux Enterprise Server 11-SP3-LTSS (src): mailman-2.1.15-9.6.6.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src): mailman-2.1.15-9.6.6.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src): mailman-2.1.15-9.6.6.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src): mailman-2.1.15-9.6.6.1
Done