Scientific Linux Security Update : mailman on SL7.x x86_64 (20150623)

high Nessus Plugin ID 84537

Synopsis

The remote Scientific Linux host is missing one or more security updates.

Description

--

* It was found that mailman did not sanitize the list name before passing it to certain MTAs. A local attacker could use this flaw to execute arbitrary code as the user running mailman. (CVE-2015-2775)

* Previously, it was impossible to configure Mailman in a way that Domain-based Message Authentication, Reporting & Conformance (DMARC) would recognize Sender alignment for Domain Key Identified Mail (DKIM) signatures. Consequently, Mailman list subscribers that belonged to a mail server with a 'reject' policy for DMARC, such as yahoo.com or AOL.com, were unable to receive Mailman forwarded messages from senders residing in any domain that provided DKIM signatures. With this update, domains with a 'reject' DMARC policy are recognized correctly, and Mailman list administrators are able to configure the way these messages are handled. As a result, after a proper configuration, subscribers now correctly receive Mailman forwarded messages in this scenario. (BZ#1229288)

* Previously, the /etc/mailman file had incorrectly set permissions, which in some cases caused removing Mailman lists to fail with a ''NoneType' object has no attribute 'close'' message. With this update, the permissions value for /etc/mailman is correctly set to 2775 instead of 0755, and removing Mailman lists now works as expected. (BZ#1229307)

* Prior to this update, the mailman utility incorrectly installed the tmpfiles configuration in the /etc/tmpfiles.d/ directory. As a consequence, changes made to mailman tmpfiles configuration were overwritten if the mailman packages were reinstalled or updated. The mailman utility now installs the tmpfiles configuration in the /usr/lib/tmpfiles.d/ directory, and changes made to them by the user are preserved on reinstall or update. (BZ#1229306)

All mailman users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

Solution

Update the affected mailman and / or mailman-debuginfo packages.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=1229288

https://bugzilla.redhat.com/show_bug.cgi?id=1229306

https://bugzilla.redhat.com/show_bug.cgi?id=1229307

http://www.nessus.org/u?91e2f247

Plugin Details

Severity: High

ID: 84537

File Name: sl_20150623_mailman_on_SL7_x.nasl

Version: 2.4

Type: local

Agent: unix

Published: 7/6/2015

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:fermilab:scientific_linux:mailman, p-cpe:/a:fermilab:scientific_linux:mailman-debuginfo, x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 6/23/2015

Vulnerability Publication Date: 4/13/2015

Reference Information

CVE: CVE-2015-2775