SOLVED [ CPANEL-31659] Security Vulnerability found in Mailman

[brianc]

Does cPanel have an ETA on when you will be patching Mailman to address the following 2 recently discovered security vulnerabilities?

Bug #1873722 “Arbitrary Content Injection via the options login ...” : Bugs : GNU Mailman

An issue similar to CVE - https://www.cvedetails.com/cve/CVE-2018-13796/ exists at different endpoint & param. It can lead to a phishing attack. Steps To Reproduce: 1. Copy and save the following HTML code and open it in any browser. Code: <html> <body> <script>history.pushState('', ''...

bugs.launchpad.net

Bug #1877379 “Arbitrary Content Injection via the private archiv...” : Bugs : GNU Mailman

This is essentially the same as https://bugs.launchpad.net/mailman/+bug/1873722 except the vector is the private archive login page and the attack only succeeds if the list's roster visibility (private_roster) setting is 'Anyone'. This is fixed by the attached patch.

bugs.launchpad.net

I have manually applied the to my cPanel servers but I am not getting RPMS have been altered warning messages via email.

Thanks,
Brian

 

[cPanelLauren]

I don't have a date but I do have a case id - CPANEL-31659 - started as updated to 2.1.31 but looks like the other patches have been included for 2.1.33 - the case is currently "In Review" meaning it's done just awaiting a developer to review it. I will do my best to update here when it's released but you can follow the changelogs here: Change Logs - Change Logs - cPanel Documentation as well

 

[cPanelLauren]

Hello,



This is just an update to let you know that this issue is marked as resolved in v88 of cPanel & WHM and can be referenced in our changelogs here: 88 Change Log | cPanel & WHM Documentation