Oval Definition:	oval:org.opensuse.security:def:63743
Revision Date: 2020-12-01 Version: 1 Title: Security update for spamassassin (Important) Description: This update for spamassassin to version 3.4.2 fixes the following issues: Security issues fixed: - CVE-2017-15705: Fixed denial of service via unclosed tags in crafted emails (bsc#1108745). - CVE-2018-11781: Fixed a code injection in the meta rule syntax by local users (bsc#1108748). - CVE-2018-11780: Fixed a potential remote code execution vulnerability in PDFInfo plugin (bsc#1108750). Non-security issues fixed: - Added four new plugins (disabled by default): HashBL, ResourceLimits, FromNameSpoof, Phishing - sa-update script: optional support for SHA-256 / SHA-512 been added for better validation of rules - GeoIP2 support has been added to RelayCountry and URILocalBL plugins - Several new or enhanced configuration options Family: unix Class: patch Status: Reference(s): 1055478 1070737 1101820 1108745 1108748 1108750 1111657 1122292 1122299 1128858 1129231 1129271 1129392 1132160 1132690 1134190 1134428 1135222 1136020 1136081 1138316 1138748 1140492 1141780 1141782 1141783 1141785 1141787 1141789 1147021 1149792 1156275 1163581 1169760 1170603 1173477 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 1174091 1176569 981848 CVE-2016-1238 CVE-2017-15705 CVE-2017-18922 CVE-2018-10903 CVE-2018-11212 CVE-2018-11780 CVE-2018-11781 CVE-2018-21247 CVE-2019-11068 CVE-2019-11771 CVE-2019-11772 CVE-2019-11775 CVE-2019-14869 CVE-2019-20839 CVE-2019-20840 CVE-2019-20907 CVE-2019-2449 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-4473 CVE-2019-5419 CVE-2019-7317 CVE-2020-10683 CVE-2020-12268 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14403 CVE-2020-14404 openSUSE-SU-2019:1824-1 openSUSE-SU-2020:0719-1 openSUSE-SU-2020:1265-1 openSUSE-SU-2020:1688-1 SUSE-SU-2019:0736-1 SUSE-SU-2019:1961-1 SUSE-SU-2019:2371-1 SUSE-SU-2019:2983-1 SUSE-SU-2020:0792-1 SUSE-SU-2020:1212-1 SUSE-SU-2020:2167-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information rmt-server-2.3.1-lp151.2.3 is installed OR rmt-server-config-2.3.1-lp151.2.3 is installed OR rmt-server-pubcloud-2.3.1-lp151.2.3 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information libpython3_6m1_0-3.6.10-lp152.4.6 is installed OR libpython3_6m1_0-32bit-3.6.10-lp152.4.6 is installed OR python3-3.6.10-lp152.4.6 is installed OR python3-32bit-3.6.10-lp152.4.6 is installed OR python3-base-3.6.10-lp152.4.6 is installed OR python3-base-32bit-3.6.10-lp152.4.6 is installed OR python3-curses-3.6.10-lp152.4.6 is installed OR python3-dbm-3.6.10-lp152.4.6 is installed OR python3-devel-3.6.10-lp152.4.6 is installed OR python3-doc-3.6.10-lp152.4.6 is installed OR python3-idle-3.6.10-lp152.4.6 is installed OR python3-testsuite-3.6.10-lp152.4.6 is installed OR python3-tk-3.6.10-lp152.4.6 is installed OR python3-tools-3.6.10-lp152.4.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information perl-Mail-SpamAssassin-3.4.2-44.3 is installed OR spamassassin-3.4.2-44.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information LibVNCServer-0.9.9-17.31 is installed OR libvncclient0-0.9.9-17.31 is installed OR libvncserver0-0.9.9-17.31 is installed
BACK