Описание
Security update for javamail
This update for javamail fixes the following issues:
- Update to version 1.6.2
- CVE-2025-7962: Fixed an improper neutralization of \r and \n UTF-8 characters can lead to SMTP injection (bsc#1246873)
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP6
javamail-1.6.2-150200.3.7.1
SUSE Linux Enterprise Module for Basesystem 15 SP7
javamail-1.6.2-150200.3.7.1
openSUSE Leap 15.6
javamail-1.6.2-150200.3.7.1
javamail-javadoc-1.6.2-150200.3.7.1
Ссылки
- Link for SUSE-SU-2025:03025-1
- E-Mail link for SUSE-SU-2025:03025-1
- SUSE Security Ratings
- SUSE Bug 1246873
- SUSE CVE CVE-2025-7962 page
Описание
In Jakarta Mail 2.0.2 it is possible to preform a SMTP Injection by utilizing the \r and \n UTF-8 characters to separate different messages.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:javamail-1.6.2-150200.3.7.1
SUSE Linux Enterprise Module for Basesystem 15 SP7:javamail-1.6.2-150200.3.7.1
openSUSE Leap 15.6:javamail-1.6.2-150200.3.7.1
openSUSE Leap 15.6:javamail-javadoc-1.6.2-150200.3.7.1
Ссылки
- CVE-2025-7962
- SUSE Bug 1246873