SUSE Package Hub - openSUSE-2020-764

Update Info

openSUSE-2020-764

Security update for mailman

Type: security

Severity: moderate

Issued: 2020-06-03

Description:

This update for mailman fixes the following issues:

Security issue fixed:

- CVE-2020-12108: Fixed a content injection bug (boo#1171363).

Non-security issue fixed:

- Don't default to invalid hosts for DEFAULT_EMAIL_HOST (boo#682920)

This update was imported from the openSUSE:Leap:15.1:Update update project.

References

CVE: CVE-2020-12108
Bugzilla: 682920 strange defaults in mailman
Bugzilla: 1171363 VUL-1: CVE-2020-12108: mailman: arbitrary content injection in options.py

Packages

mailman-2.1.29-bp151.5.9.1