Mailman uses insecure file permissions. It was found that mailman stored private email messages in a world-readable directory. A local user could use this flaw to read private mailing list archives.
marc.info/?l=bugtraq&m=101902003314968&w=2
rhn.redhat.com/errata/RHSA-2015-1417.html
sourceforge.net/tracker/?func=detail&atid=100103&aid=474616&group_id=103
www.iss.net/security_center/static/8874.php
www.securityfocus.com/bid/4538
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1008139
bugzilla.redhat.com/show_bug.cgi?id=1056366
bugzilla.redhat.com/show_bug.cgi?id=1095359
bugzilla.redhat.com/show_bug.cgi?id=745409
bugzilla.redhat.com/show_bug.cgi?id=765807
rhn.redhat.com/errata/RHSA-2015-1417.html