Oval Definition:oval:org.opensuse.security:def:59218
Revision Date:2020-12-01Version:1
Title:Security update for mailman (Important)
Description:

This update for mailman fixes the following issues:

Security issue fixed:

- CVE-2020-12108: Fixed a content injection bug (bsc#1171363). - CVE-2020-12137: Fixed a XSS vulnerability caused by MIME type confusion (bsc#1170558).

Non-security issue fixed:

- Fixed rights and ownership on /var/lib/mailman/archives (bsc#1167068). - Don't default to invalid hosts for DEFAULT_EMAIL_HOST (bsc#682920).
Family:unixClass:patch
Status:Reference(s):1106923
1108835
1109252
1110445
1111278
1112024
1113083
1113632
1113665
1120644
1122191
1123371
1123377
1123378
1124211
1127027
1132826
1141493
1141798
1142058
1143215
1144524
1145092
1145559
1166847
1167068
1170558
1171363
1172031
1172225
1172798
1172846
1173027
1173369
1173659
1173942
1173972
1174247
1174753
1174817
1175168
682920
CVE-2009-0186
CVE-2011-2696
CVE-2014-5044
CVE-2014-9496
CVE-2014-9756
CVE-2015-5276
CVE-2015-7805
CVE-2015-8075
CVE-2017-12652
CVE-2017-7585
CVE-2017-7586
CVE-2017-7741
CVE-2017-7742
CVE-2017-8361
CVE-2017-8362
CVE-2017-8363
CVE-2017-8365
CVE-2018-15686
CVE-2018-15688
CVE-2018-16890
CVE-2018-20406
CVE-2019-10208
CVE-2019-11500
CVE-2019-13456
CVE-2019-16746
CVE-2019-17185
CVE-2019-20807
CVE-2019-2614
CVE-2019-2627
CVE-2019-2737
CVE-2019-2739
CVE-2019-2740
CVE-2019-2805
CVE-2019-3822
CVE-2019-3823
CVE-2019-5010
CVE-2019-7317
CVE-2020-11668
CVE-2020-12108
CVE-2020-12137
CVE-2020-13844
CVE-2020-14331
CVE-2020-15011
CVE-2020-8177
SUSE-SU-2018:3767-1
SUSE-SU-2019:0243-1
SUSE-SU-2019:2159-1
SUSE-SU-2019:2454-1
SUSE-SU-2019:2461-1
SUSE-SU-2019:3060-2
SUSE-SU-2020:1301-1
SUSE-SU-2020:1550-1
SUSE-SU-2020:1732-1
SUSE-SU-2020:2048-1
SUSE-SU-2020:2499-1
SUSE-SU-2020:3263-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libgypsy0-0.9-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • kernel-debug-4.12.14-lp151.28.36 is installed
  • OR kernel-debug-base-4.12.14-lp151.28.36 is installed
  • OR kernel-debug-devel-4.12.14-lp151.28.36 is installed
  • OR kernel-default-4.12.14-lp151.28.36 is installed
  • OR kernel-default-base-4.12.14-lp151.28.36 is installed
  • OR kernel-default-devel-4.12.14-lp151.28.36 is installed
  • OR kernel-devel-4.12.14-lp151.28.36 is installed
  • OR kernel-docs-4.12.14-lp151.28.36 is installed
  • OR kernel-docs-html-4.12.14-lp151.28.36 is installed
  • OR kernel-kvmsmall-4.12.14-lp151.28.36 is installed
  • OR kernel-kvmsmall-base-4.12.14-lp151.28.36 is installed
  • OR kernel-kvmsmall-devel-4.12.14-lp151.28.36 is installed
  • OR kernel-macros-4.12.14-lp151.28.36 is installed
  • OR kernel-obs-build-4.12.14-lp151.28.36 is installed
  • OR kernel-obs-qa-4.12.14-lp151.28.36 is installed
  • OR kernel-source-4.12.14-lp151.28.36 is installed
  • OR kernel-source-vanilla-4.12.14-lp151.28.36 is installed
  • OR kernel-syms-4.12.14-lp151.28.36 is installed
  • OR kernel-vanilla-4.12.14-lp151.28.36 is installed
  • OR kernel-vanilla-base-4.12.14-lp151.28.36 is installed
  • OR kernel-vanilla-devel-4.12.14-lp151.28.36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libsystemd0-228-150.53 is installed
  • OR libsystemd0-32bit-228-150.53 is installed
  • OR libudev1-228-150.53 is installed
  • OR libudev1-32bit-228-150.53 is installed
  • OR systemd-228-150.53 is installed
  • OR systemd-32bit-228-150.53 is installed
  • OR systemd-bash-completion-228-150.53 is installed
  • OR systemd-sysvinit-228-150.53 is installed
  • OR udev-228-150.53 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • curl-7.37.0-37.34 is installed
  • OR libcurl4-7.37.0-37.34 is installed
  • OR libcurl4-32bit-7.37.0-37.34 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND mailman-2.1.17-3.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • cpp48-4.8.5-30 is installed
  • OR gcc48-4.8.5-30 is installed
  • OR gcc48-32bit-4.8.5-30 is installed
  • OR gcc48-c++-4.8.5-30 is installed
  • OR gcc48-info-4.8.5-30 is installed
  • OR gcc48-locale-4.8.5-30 is installed
  • OR libasan0-4.8.5-30 is installed
  • OR libasan0-32bit-4.8.5-30 is installed
  • OR libstdc++48-devel-4.8.5-30 is installed
  • OR libstdc++48-devel-32bit-4.8.5-30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • bzip2-1.0.6-30.8 is installed
  • OR bzip2-doc-1.0.6-30.8 is installed
  • OR libbz2-1-1.0.6-30.8 is installed
  • OR libbz2-1-32bit-1.0.6-30.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • MozillaFirefox-68.2.0-109.95 is installed
  • OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND openvswitch-2.7.6-3.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • gstreamer-plugins-base-1.8.3-12 is installed
  • OR gstreamer-plugins-base-lang-1.8.3-12 is installed
  • OR libgstallocators-1_0-0-1.8.3-12 is installed
  • OR libgstapp-1_0-0-1.8.3-12 is installed
  • OR libgstapp-1_0-0-32bit-1.8.3-12 is installed
  • OR libgstaudio-1_0-0-1.8.3-12 is installed
  • OR libgstaudio-1_0-0-32bit-1.8.3-12 is installed
  • OR libgstfft-1_0-0-1.8.3-12 is installed
  • OR libgstpbutils-1_0-0-1.8.3-12 is installed
  • OR libgstpbutils-1_0-0-32bit-1.8.3-12 is installed
  • OR libgstriff-1_0-0-1.8.3-12 is installed
  • OR libgstrtp-1_0-0-1.8.3-12 is installed
  • OR libgstrtsp-1_0-0-1.8.3-12 is installed
  • OR libgstsdp-1_0-0-1.8.3-12 is installed
  • OR libgsttag-1_0-0-1.8.3-12 is installed
  • OR libgsttag-1_0-0-32bit-1.8.3-12 is installed
  • OR libgstvideo-1_0-0-1.8.3-12 is installed
  • OR libgstvideo-1_0-0-32bit-1.8.3-12 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • gvim-7.4.326-17.6 is installed
  • OR vim-7.4.326-17.6 is installed
  • OR vim-data-7.4.326-17.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • tomcat-9.0.36-3.45 is installed
  • OR tomcat-admin-webapps-9.0.36-3.45 is installed
  • OR tomcat-docs-webapp-9.0.36-3.45 is installed
  • OR tomcat-el-3_0-api-9.0.36-3.45 is installed
  • OR tomcat-javadoc-9.0.36-3.45 is installed
  • OR tomcat-jsp-2_3-api-9.0.36-3.45 is installed
  • OR tomcat-lib-9.0.36-3.45 is installed
  • OR tomcat-servlet-4_0-api-9.0.36-3.45 is installed
  • OR tomcat-webapps-9.0.36-3.45 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • postgresql96-9.6.15-3.29 is installed
  • OR postgresql96-contrib-9.6.15-3.29 is installed
  • OR postgresql96-docs-9.6.15-3.29 is installed
  • OR postgresql96-libs-9.6.15-3.29 is installed
  • OR postgresql96-plperl-9.6.15-3.29 is installed
  • OR postgresql96-plpython-9.6.15-3.29 is installed
  • OR postgresql96-pltcl-9.6.15-3.29 is installed
  • OR postgresql96-server-9.6.15-3.29 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • MozillaFirefox-78.0.1-112.3 is installed
  • OR MozillaFirefox-branding-SLE-78-35.3 is installed
  • OR MozillaFirefox-devel-78.0.1-112.3 is installed
  • OR MozillaFirefox-translations-common-78.0.1-112.3 is installed
    • BACK