We have internally-built Mailman packages backporting the upstream Mailman to RHEL5 with some custom patches in it. Upstream has released a new version so we need to update our packages. This will be a few days of work as our local hacks will need to be ported forward to the new version. There's not a particular rush, either, it's a bugfix update, not a security update. Although a few of the bugfixes will be nice to have.
Assignee: server-ops → nobody
Component: Server Operations → Server Operations: Projects
Except Mailman 2.1.14 *is* a security update. ;)
Component: Server Operations: Projects → Server Operations
yep. Nice of their release announcement not to mention it. You had to read the release notes. Shame on me for not reading the whole thing.
Severity: normal → critical
Component: Server Operations → Server Operations: Security
QA Contact: mrz → clyon
Oh, reed renumbered the bug on me. 2.1.13 (what this bug was originally for) was not a security update. 2.1.14 is, and I missed the release announcement.
OK, 2.1.14 update deployed, including the CVE-2011-0707 patch that was just released today, as well as re-skinned it with the new mozilla.org design.
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
Component: Server Operations: Security → Security Assurance: Operations
Component: Operations Security (OpSec): General → General
Product: mozilla.org → Enterprise Information Security
You need to log in before you can comment on or make changes to this bug.