USN-4354-1: Mailman vulnerability
11 May 2020
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Mailman could be made to inject arbitrary content in the login page if it received a specially crafted input.
- mailman - Web-based mailing list manager (legacy branch)
It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary content in the login page.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.