SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-3899

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-3899

Security update for sendmail

Type: security

Severity: important

Issued: 2022-11-08

Description:

This update for sendmail fixes the following issues:

  - CVE-2022-31256: Fixed mail to root privilege escalation via sm-client.pre script (bsc#1204696, bsc#1202937).

References

CVE: CVE-2022-31256
Bugzilla: 1204696 VUL-0: CVE-2022-31256: sendmail: mail to root privilege escalation via sm-client.pre script
Bugzilla: 1202937 AUDIT-1: sendmail: sm-client.pre creates a pidfile in /var/spool/clientmqueue/sm-client.pid which is controlled by mail:mail

Packages

sendmail-8.15.2-150000.8.9.1