Mailman: Directory traversal vulnerability — GLSA 200502-11

Mailman fails to properly sanitize input, leading to information disclosure.

Affected packages

Package 	net-mail/mailman on all architectures
Affected versions 	< 2.1.5-r4
Unaffected versions 	>= 2.1.5-r4

Background

Mailman is a Python-based mailing list server with an extensive web interface.

Description

Mailman contains an error in private.py which fails to properly sanitize input paths.

Impact

An attacker could exploit this flaw to obtain arbitrary files on the web server.

Workaround

There is no known workaround at this time.

Resolution

All Mailman users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-mail/mailman-2.1.5-r4"

References

    Full Disclosure Announcement
    CAN-2005-0202