Created attachment 190436: Document CVE-2018-5950

"An XSS vulnerability in the user options CGI could allow a crafted URL to execute arbitrary javascript in a user's browser. A related issue could expose information on a user's options page without requiring login. These are fixed. Thanks to Calum Hutton for the report."

* CVE-2018-5950
* https://www.mail-archive.com/mailman-users@python.org/msg70478.html
A commit references this bug:

Author: mandree
Date: Thu Feb 8 22:24:00 UTC 2018
New revision: 461276
URL: https://svnweb.freebsd.org/changeset/ports/461276

Log:
  Document Mailman vulnerability

  PR:           225767
  Submitted by: Vladimir Krstulja
  Reviewed by:  Matthias Andree
  Security:     CVE-2018-5950
  Security:     3d0eeef8-0cf9-11e8-99b0-d017c2987f9a

Changes:
  head/security/vuxml/vuln.xml
A commit references this bug:

Author: mandree
Date: Thu Feb 8 22:32:24 UTC 2018
New revision: 461277
URL: https://svnweb.freebsd.org/changeset/ports/461277

Log:
  Security update to 2.1.26 (XSS bug), assorted other fixes.

  - Fix checksum failures in Defaults.py[c]: No longer patch Defaults.py
    in postinstall, instead configure --with-mailhost=localhost
    --with-urlhost=localhost, as Fedora and Arch Linux do.
  - Add a related note to FreeBSD-post-install-notes.
  - Add a related safeguard to the rcfile, which will refuse to run if the
    DEFAULT_*_HOSTs are not configured. This can be changed with a new
    mailman_run_localhost="YES" rc.conf setting, which will then restrict
    itself to printing the warnings, but still start mailman.
  - Update htdig patch to upstream SVN r1734.
  - Bump USES, python:2 -> python:2.7
  - Regenerated patches.

  Changelog: https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/1743/NEWS#L8
  Release/Security announcement: https://www.mail-archive.com/mailman-users@python.org/msg70478.html

  PR:           225767 (related vuxml entry)
  Reported by:  Vladimir Krstulja
  MFH:          2018Q1
  Security:     CVE-2018-5950
  Security:     3d0eeef8-0cf9-11e8-99b0-d017c2987f9a

Changes:
  head/mail/mailman/Makefile
  head/mail/mailman/distinfo
  head/mail/mailman/files/FreeBSD-post-install-notes
  head/mail/mailman/files/mailman.in
  head/mail/mailman/files/patch-Mailman__Defaults.py.in
  head/mail/mailman/files/patch-Mailman__htmlformat.py
  head/mail/mailman/files/patch-misc__mailman.in
  head/mail/mailman/files/pkg-install.in
  head/mail/mailman/pkg-plist
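The rc-script safeguard described in the second commit log (refuse to start while the DEFAULT_*_HOSTs are still the build-time "localhost" placeholders, unless mailman_run_localhost="YES" turns the refusal into a warning) can be illustrated with a small POSIX sh check. This is an added example written for this page, not the FreeBSD port's own mailman.in; it assumes the concrete Mailman 2.1 setting names DEFAULT_EMAIL_HOST and DEFAULT_URL_HOST, and that the effective values can be read from a single config file such as mm_cfg.py. The check_mailman_hosts function and the sample config it creates are constructed for the example.

```shell
#!/bin/sh
# Added illustration of the "refuse to run with unconfigured hosts" safeguard.
# Not the port's rc script. Setting names DEFAULT_EMAIL_HOST / DEFAULT_URL_HOST
# are assumed to be the "DEFAULT_*_HOSTs" the commit log refers to.

# check_mailman_hosts CONFIG_FILE [RUN_LOCALHOST]
#   CONFIG_FILE    : Python-style config with NAME = 'value' lines (e.g. mm_cfg.py)
#   RUN_LOCALHOST  : value of the rc.conf knob mailman_run_localhost (default NO)
#   returns 0 when Mailman may start, 1 when it must be refused
check_mailman_hosts() {
    cfg=$1
    run_localhost=${2:-NO}
    bad=""
    for var in DEFAULT_EMAIL_HOST DEFAULT_URL_HOST; do
        # Take the last assignment of the variable and strip surrounding quotes.
        val=$(sed -n "s/^[[:space:]]*${var}[[:space:]]*=[[:space:]]*['\"]\{0,1\}\([^'\"]*\).*/\1/p" "$cfg" | tail -n 1)
        if [ -z "$val" ] || [ "$val" = "localhost" ]; then
            echo "mailman: $var is not configured (value: '${val:-unset}')" >&2
            bad="$bad $var"
        fi
    done
    # Everything configured: nothing to complain about.
    [ -z "$bad" ] && return 0
    case "$run_localhost" in
        [Yy][Ee][Ss])
            # Operator opted in: warn only, still allow the start.
            echo "mailman: mailman_run_localhost=YES set, starting anyway" >&2
            return 0 ;;
        *)
            echo "mailman: refusing to start; set the hosts in mm_cfg.py" >&2
            return 1 ;;
    esac
}

# Stand-alone demo with a constructed config that still carries the placeholders.
demo_cfg=$(mktemp)
printf "DEFAULT_EMAIL_HOST = 'localhost'\nDEFAULT_URL_HOST = 'localhost'\n" > "$demo_cfg"
check_mailman_hosts "$demo_cfg" NO || echo "demo: start would be refused"
rm -f "$demo_cfg"
```

Run it from an rc script before the daemon is launched; the function only reads the file, so it is safe to wire into a `precmd` style hook. Returning a status rather than exiting makes it testable and lets the caller decide whether the rc.conf override applies.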