Vulnerability Description: mailman vulnerability Publication Date: 15 March 2008 Affected Versions: 7.10, 7.04, 6.10, 6.06 Vulnerability Details: Multiple cross-site scripting flaws were discovered in mailman. A malicious list administrator could exploit this to execute arbitrary JavaScript, potentially stealing user credentials. Update Instructions: Standard system upgrade is sufficient. Due to an internal release testing mistake, earlier published mailman versions accidentally included an incorrect patch and caused a regression. Affected Packages and Versions: - 7.10 gutsy: mailman - 1:2.1.9-8ubuntu0.2 - 7.04 feisty: mailman - 1:2.1.9-4ubuntu1.2 - 6.10 edgy: mailman - 1:2.1.8-2ubuntu2.1 - 6.06 dapper: mailman - 2.1.5-9ubuntu4.2 Reference: CVE-2008-0564