[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248364

 
 

909

 
 

195388

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SU-2020:1301-1 -- SLES mailman

ID: oval:org.secpod.oval:def:89000573Date: (C)2021-02-19   (M)2023-12-20
Class: PATCHFamily: unix




This update for mailman fixes the following issues: Security issue fixed: - CVE-2020-12108: Fixed a content injection bug . - CVE-2020-12137: Fixed a XSS vulnerability caused by MIME type confusion . Non-security issue fixed: - Fixed rights and ownership on /var/lib/mailman/archives . - Don"t default to invalid hosts for DEFAULT_EMAIL_HOST .

Platform:
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 12 SP4
Product:
mailman
Reference:
SUSE-SU-2020:1301-1
CVE-2020-12108
CVE-2020-12137
CVE    2
CVE-2020-12137
CVE-2020-12108
CPE    5
cpe:/o:suse:suse_linux_enterprise_server:12:sp3
cpe:/a:gnu:mailman
cpe:/o:suse:suse_linux_enterprise_server:12:sp4
cpe:/o:suse:suse_linux_enterprise_server:12:sp2
...

© SecPod Technologies