Oval Definition:oval:org.opensuse.security:def:202015953
Revision Date:2022-06-30Version:1
Title:CVE-2020-15953
Description:

LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other products, has a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a meddler-in-the-middle attacker) and evaluates it in a TLS context, aka "response injection."
Family:unixClass:vulnerability
Status:Reference(s):CVE-2020-15953
openSUSE-SU-2020:1454-1
openSUSE-SU-2020:1505-1
Mitre CVE-2020-15953
SUSE CVE-2020-15953
openSUSE-SU-2020:1454-1
openSUSE-SU-2020:1505-1
Platform(s):openSUSE Leap 15.2
openSUSE Tumbleweed
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
SUSE Package Hub for SUSE Linux Enterprise 15 SP2
Product(s):
Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • libetpan-devel-1.9.4-lp152.3.3.1 is installed
  • AND libetpan-devel is signed with openSUSE key
  • OR
  • libetpan20-1.9.4-lp152.3.3.1 is installed
  • AND libetpan20 is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • libetpan-devel-1.9.4-1.7 is installed
  • OR libetpan20-1.9.4-1.7 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 SP2 is installed
  • AND Package Information
  • libetpan-devel-1.9.4-bp152.4.3.1 is installed
  • OR libetpan20-1.9.4-bp152.4.3.1 is installed
    • BACK