Oval Definition:oval:org.opensuse.security:def:60066
Revision Date:2020-12-01Version:1
Title:Security update for mailman (Important)
Description:

This update for mailman fixes the following issues:

Security issue fixed:

- CVE-2020-12108: Fixed a content injection bug (bsc#1171363). - CVE-2020-12137: Fixed a XSS vulnerability caused by MIME type confusion (bsc#1170558).

Non-security issue fixed:

- Fixed rights and ownership on /var/lib/mailman/archives (bsc#1167068). - Don't default to invalid hosts for DEFAULT_EMAIL_HOST (bsc#682920).
Family:unixClass:patch
Status:Reference(s):1046856
1108308
1118277
1118987
1124211
1141493
1154824
1156353
1161951
1162197
1162200
1164871
1165631
1167068
1169025
1169625
1169659
1170313
1170383
1170423
1170558
1170618
1170620
1171098
1171195
1171202
1171218
1171219
1171363
1171689
1171698
1171924
1172032
1172221
1172317
1172437
1172466
1173659
1173942
1174247
1174662
682920
CVE-2013-5653
CVE-2013-6401
CVE-2014-3158
CVE-2015-3228
CVE-2015-3310
CVE-2016-10220
CVE-2016-7978
CVE-2016-7979
CVE-2016-8602
CVE-2016-9601
CVE-2017-1000083
CVE-2017-12652
CVE-2017-5951
CVE-2017-7207
CVE-2017-8291
CVE-2018-11805
CVE-2018-19788
CVE-2019-12519
CVE-2019-12520
CVE-2019-12521
CVE-2019-12524
CVE-2019-16746
CVE-2019-7317
CVE-2020-0543
CVE-2020-0548
CVE-2020-0549
CVE-2020-10757
CVE-2020-10757
CVE-2020-11668
CVE-2020-11945
CVE-2020-12108
CVE-2020-12114
CVE-2020-12137
CVE-2020-12652
CVE-2020-12653
CVE-2020-12654
CVE-2020-12656
CVE-2020-14331
CVE-2020-1749
CVE-2020-1930
CVE-2020-1931
CVE-2020-9862
CVE-2020-9893
CVE-2020-9894
CVE-2020-9895
CVE-2020-9915
CVE-2020-9925
SUSE-SU-2017:2390-1
SUSE-SU-2018:3074-1
SUSE-SU-2019:0019-1
SUSE-SU-2019:3060-2
SUSE-SU-2020:1227-1
SUSE-SU-2020:1595-1
SUSE-SU-2020:1596-1
SUSE-SU-2020:2232-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND telepathy-idle-0.2.0-lp150.2 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND teeworlds-0.7.3.1-lp151.2.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND mailman-2.1.17-3.20 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • ghostscript-9.15-22 is installed
  • OR ghostscript-x11-9.15-22 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • nfs-client-1.3.0-34.22 is installed
  • OR nfs-doc-1.3.0-34.22 is installed
  • OR nfs-kernel-server-1.3.0-34.22 is installed
  • OR nfs-utils-1.3.0-34.22 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.13-28.31 is installed
  • OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed
  • OR python-2.7.13-28.31 is installed
  • OR python-32bit-2.7.13-28.31 is installed
  • OR python-base-2.7.13-28.31 is installed
  • OR python-base-32bit-2.7.13-28.31 is installed
  • OR python-curses-2.7.13-28.31 is installed
  • OR python-demo-2.7.13-28.31 is installed
  • OR python-devel-2.7.13-28.31 is installed
  • OR python-doc-2.7.13-28.31 is installed
  • OR python-doc-pdf-2.7.13-28.31 is installed
  • OR python-gdbm-2.7.13-28.31 is installed
  • OR python-idle-2.7.13-28.31 is installed
  • OR python-tk-2.7.13-28.31 is installed
  • OR python-xml-2.7.13-28.31 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND squid-3.5.21-26.23 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libdcerpc-binding0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libdcerpc-binding0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libdcerpc0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libdcerpc0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libndr-krb5pac0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libndr-krb5pac0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libndr-nbt0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libndr-nbt0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libndr-standard0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libndr-standard0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libndr0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libndr0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libnetapi0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libnetapi0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-credentials0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-credentials0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-errors0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-errors0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-hostconfig0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-hostconfig0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-passdb0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-passdb0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-util0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamba-util0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamdb0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsamdb0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsmbclient0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsmbclient0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsmbconf0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsmbconf0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsmbldap0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libsmbldap0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libtevent-util0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libtevent-util0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libwbclient0-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR libwbclient0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR samba-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR samba-client-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR samba-client-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR samba-doc-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR samba-libs-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR samba-libs-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR samba-winbind-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • OR samba-winbind-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • MozillaFirefox-52.9.0esr-109.38 is installed
  • OR MozillaFirefox-translations-52.9.0esr-109.38 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND mailman-2.1.17-3.23 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libpng16-1.6.8-15.5 is installed
  • OR libpng16-16-1.6.8-15.5 is installed
  • OR libpng16-16-32bit-1.6.8-15.5 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr6.15-30.72 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr6.15-30.72 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr6.15-30.72 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr6.15-30.72 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.4-2.59 is installed
  • OR libwebkit2gtk-4_0-37-2.28.4-2.59 is installed
  • OR libwebkit2gtk3-lang-2.28.4-2.59 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.28.4-2.59 is installed
  • OR typelib-1_0-WebKit2-4_0-2.28.4-2.59 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.28.4-2.59 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.4-2.59 is installed
  • OR webkit2gtk3-2.28.4-2.59 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND nodejs6-6.17.1-11.33 is installed
  • BACK