OVAL Reference oval:org.opensuse.security:def:46028

Oval Definition:

oval:org.opensuse.security:def:46028

Revision Date:	2020-12-01	Version:	1
Title:	Security update for mailman (Important)
Description:	This update for mailman fixes the following issues: Security issue fixed: - CVE-2020-12108: Fixed a content injection bug (bsc#1171363). - CVE-2020-12137: Fixed a XSS vulnerability caused by MIME type confusion (bsc#1170558). Non-security issue fixed: - Fixed rights and ownership on /var/lib/mailman/archives (bsc#1167068). - Don't default to invalid hosts for DEFAULT_EMAIL_HOST (bsc#682920).
Family:	unix	Class:	patch
Status:		Reference(s):	1027282 1027519 1029377 1029902 1040164 1042670 1049186 1050653 1070738 1070853 1077230 1079761 1081750 1083507 1083630 1086001 1088004 1088009 1088573 1094814 1107030 1109160 1109663 1109847 1111331 1118367 1118368 1120610 1120644 1122191 1123361 1123522 1126140 1126141 1126192 1126195 1126196 1126197 1126198 1126201 1127400 1129346 1129642 1130496 1130840 1131811 1133452 1133818 1137717 1137942 1138294 1138459 1141853 1143797 1145240 1145774 1146874 1149121 1149792 1149813 1149955 1151490 1153238 1155094 1155321 1156318 1159035 1159329 1159622 1161719 1162224 1162367 1162423 1162825 1163809 1165528 1165787 1165894 1167068 1169658 1170558 1171363 1171740 1176409 1176412 1178171 637176 658604 673071 682920 709442 743787 747125 751718 754447 754677 787526 809831 831629 834601 867887 871152 885662 885882 899192 900881 909312 913232 914742 915540 916225 917125 917607 919007 919018 920262 921769 922033 922583 922734 922944 924664 924803 924809 925567 926156 926240 926314 927084 927115 927116 927257 927285 927308 927455 928122 928130 928135 928141 928708 929092 929145 929525 929883 930224 930226 930669 930786 931014 931130 934088 935856 942751 945190 951166 983582 984751 985177 985348 989523 CVE-2011-3389 CVE-2011-4944 CVE-2012-0845 CVE-2012-1150 CVE-2013-1752 CVE-2013-4238 CVE-2014-2667 CVE-2014-3577 CVE-2014-3647 CVE-2014-4650 CVE-2014-8086 CVE-2014-8159 CVE-2015-0332 CVE-2015-0333 CVE-2015-0334 CVE-2015-0335 CVE-2015-0336 CVE-2015-0337 CVE-2015-0338 CVE-2015-0339 CVE-2015-0340 CVE-2015-0341 CVE-2015-0342 CVE-2015-1465 CVE-2015-2041 CVE-2015-2042 CVE-2015-2666 CVE-2015-2830 CVE-2015-2922 CVE-2015-3096 CVE-2015-3098 CVE-2015-3099 CVE-2015-3100 CVE-2015-3102 CVE-2015-3103 CVE-2015-3104 CVE-2015-3105 CVE-2015-3106 CVE-2015-3107 CVE-2015-3108 CVE-2015-3331 CVE-2015-3332 CVE-2015-3339 CVE-2015-3636 CVE-2015-5262 CVE-2016-0772 CVE-2016-1000110 CVE-2016-5636 CVE-2016-5699 CVE-2017-12627 CVE-2017-18207 CVE-2018-1000802 CVE-2018-1060 CVE-2018-1061 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-14647 CVE-2018-20406 CVE-2018-20482 CVE-2018-20852 CVE-2018-5741 CVE-2019-10160 CVE-2019-11091 CVE-2019-12068 CVE-2019-14378 CVE-2019-15890 CVE-2019-15903 CVE-2019-16056 CVE-2019-16935 CVE-2019-17340 CVE-2019-17341 CVE-2019-17342 CVE-2019-17343 CVE-2019-17344 CVE-2019-17345 CVE-2019-17346 CVE-2019-17347 CVE-2019-17348 CVE-2019-18348 CVE-2019-18348 CVE-2019-5010 CVE-2019-6977 CVE-2019-6978 CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-9636 CVE-2019-9674 CVE-2019-9674 CVE-2019-9923 CVE-2019-9947 CVE-2020-10018 CVE-2020-10188 CVE-2020-11793 CVE-2020-12108 CVE-2020-12137 CVE-2020-14392 CVE-2020-14393 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-8492 CVE-2020-8492 CVE-2020-8616 CVE-2020-8617 SUSE-SU-2015:0491-1 SUSE-SU-2015:1043-1 SUSE-SU-2015:1071-1 SUSE-SU-2019:2753-1 SUSE-SU-2020:0854-1 SUSE-SU-2020:1301-1 SUSE-SU-2020:1533-1 SUSE-SU-2020:2225-1 SUSE-SU-2020:2661-1 SUSE-SU-2020:3149-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 42.3 openSUSE Leap 42.3 NonFree SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3-BCL SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP4-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND autofs-5.1.3-lp150.5 is installed
Definition Synopsis
openSUSE Leap 42.3 is installed AND Package Information libXxf86dga-devel-1.1.4-8 is installed OR libXxf86dga1-1.1.4-8 is installed
Definition Synopsis
openSUSE Leap 42.3 NonFree is installed AND opera-52.0.2871.30-62 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-10.0.9-0.3 is installed OR MozillaFirefox-branding-SLED-7-0.6.7 is installed OR MozillaFirefox-translations-10.0.9-0.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND libevent-1_4-2-1.4.5-24.24 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information bind-9.9.6P1-0.12 is installed OR bind-libs-9.9.6P1-0.12 is installed OR bind-libs-32bit-9.9.6P1-0.12 is installed OR bind-utils-9.9.6P1-0.12 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information file-5.19-2 is installed OR file-magic-5.19-2 is installed OR libmagic1-5.19-2 is installed OR libmagic1-32bit-5.19-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND iputils-s20121221-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information alsa-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information MozillaFirefox-52.2.0esr-108 is installed OR MozillaFirefox-translations-52.2.0esr-108 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information at-3.1.14-8.6 is installed OR libQtWebKit4-4.8.7+2.3.4-4.7 is installed OR libQtWebKit4-32bit-4.8.7+2.3.4-4.7 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 is installed AND chrony-3.2-7 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information clamav-0.100.3-3.9 is installed OR clamav-devel-0.100.3-3.9 is installed OR libclamav7-0.100.3-3.9 is installed OR libclammspack0-0.100.3-3.9 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information libexempi-devel-2.4.5-1 is installed OR libexempi3-2.4.5-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information libcdio++0-0.94-6.6 is installed OR libcdio-devel-0.94-6.6 is installed OR libcdio16-0.94-6.6 is installed OR libiso9660-10-0.94-6.6 is installed OR libudf0-0.94-6.6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 is installed AND Package Information kernel-docs-4.12.14-25.25 is installed OR kernel-obs-build-4.12.14-25.25 is installed OR kernel-source-4.12.14-25.25 is installed OR kernel-syms-4.12.14-25.25 is installed OR kernel-vanilla-4.12.14-25.25 is installed OR kernel-vanilla-base-4.12.14-25.25 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed AND Package Information ImageMagick-7.0.7.34-3.79 is installed OR perl-PerlMagick-7.0.7.34-3.79 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information kernel-default-4.12.14-25.28 is installed OR reiserfs-kmp-default-4.12.14-25.28 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND reiserfs-kmp-default-4.12.14-195 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-default-4.12.14-25.16 is installed OR kernel-default-livepatch-4.12.14-25.16 is installed OR kernel-livepatch-4_12_14-25_16-default-1-1.3 is installed OR kernel-livepatch-SLE15_Update_4-1-1.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information gcc9-9.2.1+r275327-1.3 is installed OR libatomic1-32bit-9.2.1+r275327-1.3 is installed OR libgcc_s1-32bit-9.2.1+r275327-1.3 is installed OR libgomp1-32bit-9.2.1+r275327-1.3 is installed OR libitm1-32bit-9.2.1+r275327-1.3 is installed OR libstdc++6-32bit-9.2.1+r275327-1.3 is installed OR libstdc++6-devel-gcc9-32bit-9.2.1+r275327-1.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information php7-7.2.5-4.55 is installed OR php7-embed-7.2.5-4.55 is installed OR php7-readline-7.2.5-4.55 is installed OR php7-sodium-7.2.5-4.55 is installed OR php7-tidy-7.2.5-4.55 is installed OR tidy-5.4.0-3.2 is installed OR tidy-doc-5.4.0-3.2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.8 is installed OR kernel-azure-base-4.12.14-5.8 is installed OR kernel-azure-devel-4.12.14-5.8 is installed OR kernel-devel-azure-4.12.14-5.8 is installed OR kernel-source-azure-4.12.14-5.8 is installed OR kernel-syms-azure-4.12.14-5.8 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed AND Package Information rmt-server-2.5.7-3.15 is installed OR rmt-server-pubcloud-2.5.7-3.15 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND vsftpd-3.0.3-5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information xen-4.12.1_04-3.6 is installed OR xen-devel-4.12.1_04-3.6 is installed OR xen-tools-4.12.1_04-3.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information xorg-x11-7.6_1-14 is installed OR xorg-x11-essentials-7.6_1-14 is installed OR xrdb-1.1.0-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-60.3.0-109.50 is installed OR MozillaFirefox-devel-60.3.0-109.50 is installed OR MozillaFirefox-translations-common-60.3.0-109.50 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libpython2_7-1_0-2.7.13-28.21 is installed OR libpython2_7-1_0-32bit-2.7.13-28.21 is installed OR python-2.7.13-28.21 is installed OR python-32bit-2.7.13-28.21 is installed OR python-base-2.7.13-28.21 is installed OR python-base-32bit-2.7.13-28.21 is installed OR python-curses-2.7.13-28.21 is installed OR python-demo-2.7.13-28.21 is installed OR python-doc-2.7.13-28.21 is installed OR python-doc-pdf-2.7.13-28.21 is installed OR python-gdbm-2.7.13-28.21 is installed OR python-idle-2.7.13-28.21 is installed OR python-tk-2.7.13-28.21 is installed OR python-xml-2.7.13-28.21 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3-BCL is installed AND mailman-2.1.17-3.20 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-BCL is installed AND mailman-2.1.17-3.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_143-94_47-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_16-7-2 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND xen-4.9.4_04-3.56 is installed OR xen-doc-html-4.9.4_04-3.56 is installed OR xen-libs-4.9.4_04-3.56 is installed OR xen-libs-32bit-4.9.4_04-3.56 is installed OR xen-tools-4.9.4_04-3.56 is installed OR xen-tools-domU-4.9.4_04-3.56 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA is installed AND xen-4.9.4_04-3.56 is installed OR xen-doc-html-4.9.4_04-3.56 is installed OR xen-libs-4.9.4_04-3.56 is installed OR xen-libs-32bit-4.9.4_04-3.56 is installed OR xen-tools-4.9.4_04-3.56 is installed OR xen-tools-domU-4.9.4_04-3.56 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information liblouis-2.6.4-6.6 is installed OR liblouis-data-2.6.4-6.6 is installed OR liblouis9-2.6.4-6.6 is installed OR python-louis-2.6.4-6.6 is installed OR python3-louis-2.6.4-6.6 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP4 is installed AND xen-4.11.2_02-2.14 is installed OR xen-doc-html-4.11.2_02-2.14 is installed OR xen-libs-4.11.2_02-2.14 is installed OR xen-libs-32bit-4.11.2_02-2.14 is installed OR xen-tools-4.11.2_02-2.14 is installed OR xen-tools-domU-4.11.2_02-2.14 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND xen-4.11.2_02-2.14 is installed OR xen-doc-html-4.11.2_02-2.14 is installed OR xen-libs-4.11.2_02-2.14 is installed OR xen-libs-32bit-4.11.2_02-2.14 is installed OR xen-tools-4.11.2_02-2.14 is installed OR xen-tools-domU-4.11.2_02-2.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cracklib-2.9.0-7 is installed OR libcrack2-2.9.0-7 is installed OR libcrack2-32bit-2.9.0-7 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND apache-commons-httpclient-3.1-6.3 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4-LTSS is installed AND apache-commons-httpclient-3.1-6.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND perl-DBI-1.628-5.3 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND perl-DBI-1.628-5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information dpdk-18.11.3-3.19 is installed OR dpdk-devel-18.11.3-3.19 is installed OR dpdk-kmp-default-18.11.3_k4.12.14_150.47-3.19 is installed OR dpdk-thunderx-18.11.3-3.19 is installed OR dpdk-thunderx-devel-18.11.3-3.19 is installed OR dpdk-thunderx-kmp-default-18.11.3_k4.12.14_150.47-3.19 is installed OR dpdk-tools-18.11.3-3.19 is installed OR libdpdk-18_11-18.11.3-3.19 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information flash-player-11.2.202.451-77 is installed OR flash-player-gnome-11.2.202.451-77 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information libzzip-0-13-0.13.62-9 is installed OR zziplib-0.13.62-9 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information ImageMagick-6.8.8.1-71.5 is installed OR libMagick++-6_Q16-3-6.8.8.1-71.5 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND Package Information evince-3.20.1-6.16 is installed OR typelib-1_0-EvinceDocument-3_0-3.20.1-6.16 is installed OR typelib-1_0-EvinceView-3_0-3.20.1-6.16 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND Package Information libntfs-3g84-2013.1.13-5.6 is installed OR ntfs-3g-2013.1.13-5.6 is installed OR ntfs-3g_ntfsprogs-2013.1.13-5.6 is installed OR ntfsprogs-2013.1.13-5.6 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND libmwaw-0_3-3-0.3.13-2 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND transfig-3.2.6a-2 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed

BACK