Your submission was sent successfully! Close

USN-5151-1: Mailman vulnerabilities

18 November 2021

Several security issues were fixed in Mailman.

Releases

Packages

  • mailman - Web-based mailing list manager

Details

It was discovered that Mailman incorrectly handled certain URL.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2021-43331)

It was discovered that Mailman incorrectly handled certain inputs.
An attacker could possibly use this issue to expose sensitive information.
(CVE-2021-43332)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04
Ubuntu 16.04

In general, a standard system update will make all the necessary changes.