{"schema_version":"1.7.2","id":"OESA-2021-1405","modified":"2021-10-30T11:03:18Z","published":"2021-10-30T11:03:18Z","upstream":["CVE-2020-12108","CVE-2020-12137","CVE-2020-15011","CVE-2021-42096","CVE-2021-42097"],"summary":"mailman security update","details":"Mailman is free software for managing electronic mail discussion and e-newsletter lists. Mailman is integrated with the web, making it easy for users to manage their accounts and for list owners to administer their lists. Mailman supports built-in archiving, automatic bounce processing, content filtering, digest delivery, spam filters, and more.\r\n\r\nSecurity Fix(es):\r\n\r\n/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection.(CVE-2020-12108)\r\n\r\nGNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against list-archive visitors, because an HTTP reply from an archive web server may lack a MIME type, and a web browser may perform MIME sniffing, conclude that the MIME type should have been text/html, and execute JavaScript code.(CVE-2020-12137)\r\n\r\nGNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page.(CVE-2020-15011)\n\nGNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password.(CVE-2021-42096)\n\nGNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover).(CVE-2021-42097)","affected":[{"package":{"ecosystem":"openEuler:20.03-LTS-SP1","name":"mailman","purl":"pkg:rpm/openEuler/mailman\u0026distro=openEuler-20.03-LTS-SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.1.29-8.oe1"}]}],"ecosystem_specific":{"aarch64":["mailman-debugsource-2.1.29-8.oe1.aarch64.rpm","mailman-debuginfo-2.1.29-8.oe1.aarch64.rpm","mailman-2.1.29-8.oe1.aarch64.rpm"],"src":["mailman-2.1.29-8.oe1.src.rpm"],"x86_64":["mailman-2.1.29-8.oe1.x86_64.rpm","mailman-debuginfo-2.1.29-8.oe1.x86_64.rpm","mailman-debugsource-2.1.29-8.oe1.x86_64.rpm"]}},{"package":{"ecosystem":"openEuler:20.03-LTS-SP2","name":"mailman","purl":"pkg:rpm/openEuler/mailman\u0026distro=openEuler-20.03-LTS-SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.1.29-8.oe1"}]}],"ecosystem_specific":{"aarch64":["mailman-debugsource-2.1.29-8.oe1.aarch64.rpm","mailman-debuginfo-2.1.29-8.oe1.aarch64.rpm","mailman-2.1.29-8.oe1.aarch64.rpm"],"src":["mailman-2.1.29-8.oe1.src.rpm"],"x86_64":["mailman-2.1.29-8.oe1.x86_64.rpm","mailman-debuginfo-2.1.29-8.oe1.x86_64.rpm","mailman-debugsource-2.1.29-8.oe1.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1405"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-12108"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-12137"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15011"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-42096"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-42097"}],"database_specific":{"severity":"High"}}