Oval Definition:oval:org.opensuse.security:def:88909
Revision Date:2020-05-18Version:1
Title:Security update for mailman (Important)
Description:

This update for mailman fixes the following issues:

Security issue fixed:

- CVE-2020-12108: Fixed a content injection bug (bsc#1171363). - CVE-2020-12137: Fixed a XSS vulnerability caused by MIME type confusion (bsc#1170558).

Non-security issue fixed:

- Fixed rights and ownership on /var/lib/mailman/archives (bsc#1167068). - Don't default to invalid hosts for DEFAULT_EMAIL_HOST (bsc#682920).
Family:unixClass:patch
Status:Reference(s):1167068
1170558
1171363
682920
CVE-2020-12108
CVE-2020-12137
SUSE-SU-2020:1301-1
Platform(s):SUSE Linux Enterprise Server 12 SP4
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND mailman-2.1.17-3.20.1 is installed
    • BACK