oss-sec mailing list archives

Re: 3 new CVE's in old branch of GNU mailman


From: Thomas Ward <teward () thomas-ward net>
Date: Mon, 21 Apr 2025 12:52:24 -0400

On 2025-04-21 12:48, Valtteri Vuorikoski wrote:
Are these vulnerabilities due to modifications made by the vendor (cPanel LLC) to
their distributed version?

  -Valtteri

Directly quoting the CVE:

*Affected Software:* GNU Mailman 2.1.39 (bundled with cPanel/WHM)

I think that this would be a modified bundled version based on "Affected Software" specifically mentioning the GNU Mailman 2.1.39 that is specifically bundled with cPanel/WHM.

Especially if you can't reproduce it in pure MM 2.1.39.
