Oval Definition:oval:org.opensuse.security:def:60693
Revision Date:2020-12-01Version:1
Title:Security update for mailman (Important)
Description:

This update for mailman fixes the following issues:

Security issue fixed:

- CVE-2020-12108: Fixed a content injection bug (bsc#1171363). - CVE-2020-12137: Fixed a XSS vulnerability caused by MIME type confusion (bsc#1170558).

Non-security issue fixed:

- Fixed rights and ownership on /var/lib/mailman/archives (bsc#1167068). - Don't default to invalid hosts for DEFAULT_EMAIL_HOST (bsc#682920).
Family:unixClass:patch
Status:Reference(s):1013992
1013993
1056088
1056090
1056093
1056095
1056097
1056101
1056105
1080074
1085415
1097158
1097748
1101295
1104448
1105019
1106171
1106172
1106173
1106195
1107410
1107411
1107412
1107413
1107420
1107421
1107422
1107423
1107426
1107581
1108027
1109105
1113534
1113652
1117625
1117626
1117627
1117629
1117630
1117951
1144903
1146358
1146359
1153108
1153158
1153161
1158809
1159548
1159856
1159858
1159860
1160163
1160250
1160251
1160937
1167068
1169511
1169740
1170558
1171355
1171363
1172037
1172277
1172651
1173334
1173351
1175534
1176343
1176344
1176345
1176346
1176347
1176348
1176349
1176350
682920
910683
914442
950110
950111
CVE-2014-9636
CVE-2014-9913
CVE-2015-7696
CVE-2015-7697
CVE-2016-9844
CVE-2017-12194
CVE-2017-13738
CVE-2017-13739
CVE-2017-13740
CVE-2017-13741
CVE-2017-13743
CVE-2017-13744
CVE-2018-0732
CVE-2018-0734
CVE-2018-1000035
CVE-2018-10873
CVE-2018-10893
CVE-2018-12115
CVE-2018-12116
CVE-2018-12120
CVE-2018-12121
CVE-2018-12122
CVE-2018-12123
CVE-2018-15908
CVE-2018-15909
CVE-2018-15910
CVE-2018-15911
CVE-2018-16509
CVE-2018-16510
CVE-2018-16511
CVE-2018-16513
CVE-2018-16539
CVE-2018-16540
CVE-2018-16541
CVE-2018-16542
CVE-2018-16543
CVE-2018-16585
CVE-2018-16802
CVE-2018-17183
CVE-2018-5407
CVE-2018-8956
CVE-2019-10220
CVE-2019-1551
CVE-2019-15691
CVE-2019-15692
CVE-2019-15693
CVE-2019-15694
CVE-2019-15695
CVE-2019-16782
CVE-2019-17133
CVE-2019-8675
CVE-2019-8696
CVE-2020-11868
CVE-2020-12108
CVE-2020-12137
CVE-2020-13817
CVE-2020-14364
CVE-2020-15025
CVE-2020-25595
CVE-2020-25596
CVE-2020-25597
CVE-2020-25599
CVE-2020-25600
CVE-2020-25601
CVE-2020-25603
CVE-2020-25604
CVE-2020-2654
CVE-2020-2756
CVE-2020-2757
CVE-2020-2781
CVE-2020-2800
CVE-2020-2803
CVE-2020-2805
CVE-2020-2830
CVE-2020-8161
CVE-2020-8184
SUSE-SU-2017:2570-1
SUSE-SU-2018:0877-1
SUSE-SU-2018:2796-1
SUSE-SU-2019:0395-1
SUSE-SU-2019:3057-1
SUSE-SU-2020:0474-1
SUSE-SU-2020:1301-1
SUSE-SU-2020:1683-1
SUSE-SU-2020:1805-1
SUSE-SU-2020:2678-1
SUSE-SU-2020:2787-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • gd-2.2.5-lp150.3.3 is installed
  • OR gd-devel-2.2.5-lp150.3.3 is installed
  • OR libgd3-2.2.5-lp150.3.3 is installed
  • OR libgd3-32bit-2.2.5-lp150.3.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • expat-2.2.5-lp151.3.3 is installed
  • OR libexpat-devel-2.2.5-lp151.3.3 is installed
  • OR libexpat-devel-32bit-2.2.5-lp151.3.3 is installed
  • OR libexpat1-2.2.5-lp151.3.3 is installed
  • OR libexpat1-32bit-2.2.5-lp151.3.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • mercurial-4.5.2-lp152.7.3 is installed
  • OR mercurial-lang-4.5.2-lp152.7.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • liblouis-2.6.4-6.3 is installed
  • OR liblouis-data-2.6.4-6.3 is installed
  • OR liblouis9-2.6.4-6.3 is installed
  • OR python-louis-2.6.4-6.3 is installed
  • OR python3-louis-2.6.4-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • cups-1.7.5-20.26 is installed
  • OR cups-client-1.7.5-20.26 is installed
  • OR cups-libs-1.7.5-20.26 is installed
  • OR cups-libs-32bit-1.7.5-20.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libXvnc1-1.6.0-18.28 is installed
  • OR tigervnc-1.6.0-18.28 is installed
  • OR xorg-x11-Xvnc-1.6.0-18.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_100-default-3-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_27-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libspice-server1-0.12.8-6 is installed
  • OR spice-0.12.8-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND ant-1.9.4-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND mailman-2.1.17-3.20 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • grub2-2.02-12.39 is installed
  • OR grub2-i386-pc-2.02-12.39 is installed
  • OR grub2-snapper-plugin-2.02-12.39 is installed
  • OR grub2-systemd-sleep-plugin-2.02-12.39 is installed
  • OR grub2-x86_64-efi-2.02-12.39 is installed
  • OR grub2-x86_64-xen-2.02-12.39 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND nodejs6-6.14.4-11.18 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-SQLAlchemy-1.2.10-3.3 is installed
    • BACK