+ Command mail from mailutils package used in mail actions
+ like mail-whois can execute command if unescaped sequences
+ (\n~) are available in "foreign" input (for instance in
+ whois output).
+
+
+
+
+
+ CVE-2021-32749
+ https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm
+
+
+ 2021-07-16
+ 2021-10-20
+
+
+
mailman -- brute-force vuln on list admin password, and CSRF vuln in releases before 2.1.35