Oval Definition:oval:com.redhat.rhsa:def:20214913
Revision Date:2021-12-02Version:637
Title:RHSA-2021:4913: mailman security update (Important)
Description:Mailman is a program used to help manage e-mail discussion lists.

Security Fix(es):

  • mailman: CSRF token bypass allows to perform CSRF attacks and account takeover (CVE-2021-42097)

  • mailman: CSRF token bypass allows to perform CSRF attacks and admin takeover (CVE-2021-44227)

  • mailman: CSRF protection missing in the user options page (CVE-2016-6893)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2016-6893
    CVE-2021-42097
    CVE-2021-44227
    RHSA-2021:4913
    Platform(s):Red Hat Enterprise Linux 7
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND mailman is earlier than 3:2.1.15-30.el7_9.2
  • AND mailman is signed with Red Hat redhatrelease2 key
    • BACK