Nicolas Neuss <email@example.com> wrote:
| firstname.lastname@example.org (Rob Warnock) writes:
| > That's one of the problems open-source code has created for us all:
| > there's *gobs* of free PHP, phpBB, phorm.php (PHPmail), etc., code
| > available out there for free, ...
| Yes, I was also sceptical about this, and have at the moment only
| Mailman and Hunchentoot running on my server (behind Apache2).
Heh! "Only Mailman" isn't necessarily reassuring. ;-} ;-}
Depending on which version you're using & how old
it is, you might want to do a web search for:
Mailman security vulnerability 2009
and then prepare to update! ;-}
Especially if you're using "Kjtechforce mailman beta1", see
CVE-2009-2164 (2009-06-22, updated 2009-06-23).
Also CVE-2008-0564 (2008-03-15), with Mailman prior to version 2.1.10b1.
And others, see <http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=mailman>.
Rob Warnock <email@example.com>
627 26th Avenue <URL:http://rpw3.org/>
San Mateo, CA 94403 (650)572-2607