SUSE-SU-2020:1301-1 -- SLES mailmanID: oval:org.secpod.oval:def:89000573 | Date: (C)2021-02-19 (M)2023-12-20 |
Class: PATCH | Family: unix |
This update for mailman fixes the following issues: Security issue fixed: - CVE-2020-12108: Fixed a content injection bug . - CVE-2020-12137: Fixed a XSS vulnerability caused by MIME type confusion . Non-security issue fixed: - Fixed rights and ownership on /var/lib/mailman/archives . - Don"t default to invalid hosts for DEFAULT_EMAIL_HOST .
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |
SUSE Linux Enterprise Server 12 SP5 |
SUSE Linux Enterprise Server 12 SP4 |