Описание
Security update for mailman
This update for mailman fixes the following issues:
- CVE-2020-15011: Fixed a possible Arbitrary Content Injection via the private archive login page (bsc#1173369).
Список пакетов
HPE Helion OpenStack 8
mailman-2.1.17-3.23.1
SUSE Enterprise Storage 5
mailman-2.1.17-3.23.1
SUSE Linux Enterprise Server 12 SP2-BCL
mailman-2.1.17-3.23.1
SUSE Linux Enterprise Server 12 SP2-LTSS
mailman-2.1.17-3.23.1
SUSE Linux Enterprise Server 12 SP3-BCL
mailman-2.1.17-3.23.1
SUSE Linux Enterprise Server 12 SP3-LTSS
mailman-2.1.17-3.23.1
SUSE Linux Enterprise Server 12 SP4-LTSS
mailman-2.1.17-3.23.1
SUSE Linux Enterprise Server 12 SP5
mailman-2.1.17-3.23.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
mailman-2.1.17-3.23.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
mailman-2.1.17-3.23.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
mailman-2.1.17-3.23.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
mailman-2.1.17-3.23.1
SUSE OpenStack Cloud 7
mailman-2.1.17-3.23.1
SUSE OpenStack Cloud 8
mailman-2.1.17-3.23.1
SUSE OpenStack Cloud 9
mailman-2.1.17-3.23.1
SUSE OpenStack Cloud Crowbar 8
mailman-2.1.17-3.23.1
SUSE OpenStack Cloud Crowbar 9
mailman-2.1.17-3.23.1
Ссылки
- Link for SUSE-SU-2020:2048-1
- E-Mail link for SUSE-SU-2020:2048-1
- SUSE Security Ratings
- SUSE Bug 1173369
- SUSE CVE CVE-2020-15011 page
Описание
GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page.
Затронутые продукты
HPE Helion OpenStack 8:mailman-2.1.17-3.23.1
SUSE Enterprise Storage 5:mailman-2.1.17-3.23.1
SUSE Linux Enterprise Server 12 SP2-BCL:mailman-2.1.17-3.23.1
SUSE Linux Enterprise Server 12 SP2-LTSS:mailman-2.1.17-3.23.1
Ссылки
- CVE-2020-15011
- SUSE Bug 1173369