Lucene search

HistoryMay 18, 2021 - 12:00 a.m.

openSUSE Security Update : alpine (openSUSE-2021-675)

2021-05-1800:00:00

www.tenable.com

alpine

security update

xoauth2

yahoo! mail

outlook

gmail

tls

imap

smtp

pop3

quota

multifactor authentication

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.5

Confidence

High

EPSS

0.009

Percentile

83.2%

JSON

This update for alpine fixes the following issues :

Update to release 2.24

A few crash fixes
Implementation of XOAUTH2 for Yahoo! Mail.

Update to release 2.23.2

Expansion of the configuration screen for XOAUTH2 to include username, and tenant.
Alpine uses the domain in the From: header of a message to generate a message-id and suppresses all information about Alpine, version, revision, and time of generation of the message-id from this header.
Alpine does not generate Sender or X-X-Sender by default by enabling [X] Disable Sender as the default.
Alpine does not disclose User Agent by default by enabling [X] Suppress User Agent by default.
When messages are selected, pressing the ‘;’ command to broaden or narrow a search, now offers the possibility to completely replace the search, and is almost equivalent to being a shortcut to ‘unselect all messages, and select again’.

Update to release 2.23

Fixes boo#1173281, CVE-2020-14929: Alpine silently proceeds to use an insecure connection after a /tls is sent in certain circumstances.
Implementation of XOAUTH2 authentication support for Outlook.
Add support for the OAUTHBEARER authentication method in Gmail.
Support for the SASL-IR IMAP extension.
Alpine can pass an HTML message to an external web browser, by using the ‘External’ command in the ATTACHMENT INDEX screen.

Update to release 2.22

Support for XOAUTH2 authentication method in Gmail.
NTLM authentication support with the ntlm library.
Added the ‘/tls1_3’ flag for servers that support it.
Add the ‘g’ option to the select command that works in IMAP servers that implement the X-GM-EXT-1 capability (such as the one offered by Gmail).
Added ‘/auth=XYZ’ to the way to define a server. This allows users to select the method to authenticate to an IMAP, SMTP or POP3 server. Examples are /auth=plain, or /auth=gssapi, etc.
When a message is of type multipart/mixed, and its first part is multipart/signed, Alpine will include the text of the original message in a reply message, instead of including a multipart attachment.
Added backward search in the index screen.
pico: Add -dict option to Pico, which allows users to choose a dictionary when spelling.
Drop /usr/bin/mailutil, it is not built by default anymore.
Added Quota subcommands for printing, forwarding, saving, etc.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2021-675.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(149594);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/01");

  script_cve_id("CVE-2020-14929");

  script_name(english:"openSUSE Security Update : alpine (openSUSE-2021-675)");

  script_set_attribute(attribute:"synopsis", value:
"The remote openSUSE host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"This update for alpine fixes the following issues :

Update to release 2.24

  - A few crash fixes

  - Implementation of XOAUTH2 for Yahoo! Mail.

Update to release 2.23.2

  - Expansion of the configuration screen for XOAUTH2 to
    include username, and tenant.

  - Alpine uses the domain in the From: header of a message
    to generate a message-id and suppresses all information
    about Alpine, version, revision, and time of generation
    of the message-id from this header.

  - Alpine does not generate Sender or X-X-Sender by default
    by enabling [X] Disable Sender as the default.

  - Alpine does not disclose User Agent by default by
    enabling [X] Suppress User Agent by default.

  - When messages are selected, pressing the ';' command to
    broaden or narrow a search, now offers the possibility
    to completely replace the search, and is almost
    equivalent to being a shortcut to 'unselect all
    messages, and select again'.

Update to release 2.23

  - Fixes boo#1173281, CVE-2020-14929: Alpine silently
    proceeds to use an insecure connection after a /tls is
    sent in certain circumstances.

  - Implementation of XOAUTH2 authentication support for
    Outlook.

  - Add support for the OAUTHBEARER authentication method in
    Gmail.

  - Support for the SASL-IR IMAP extension.

  - Alpine can pass an HTML message to an external web
    browser, by using the 'External' command in the
    ATTACHMENT INDEX screen.

Update to release 2.22

  - Support for XOAUTH2 authentication method in Gmail. 

  - NTLM authentication support with the ntlm library.

  - Added the '/tls1_3' flag for servers that support it.

  - Add the 'g' option to the select command that works in
    IMAP servers that implement the X-GM-EXT-1 capability
    (such as the one offered by Gmail).

  - Added '/auth=XYZ' to the way to define a server. This
    allows users to select the method to authenticate to an
    IMAP, SMTP or POP3 server. Examples are /auth=plain, or
    /auth=gssapi, etc.

  - When a message is of type multipart/mixed, and its first
    part is multipart/signed, Alpine will include the text
    of the original message in a reply message, instead of
    including a multipart attachment.

  - Added backward search in the index screen.

  - pico: Add -dict option to Pico, which allows users to
    choose a dictionary when spelling.

  - Drop /usr/bin/mailutil, it is not built by default
    anymore.

  - Added Quota subcommands for printing, forwarding,
    saving, etc.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1173281");
  script_set_attribute(attribute:"solution", value:
"Update the affected alpine packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-14929");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/06/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/05/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/05/18");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:alpine");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:alpine-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:alpine-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pico");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pico-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pilot");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pilot-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.2");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.2", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE15.2", reference:"alpine-2.24-lp152.5.3.1") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"alpine-debuginfo-2.24-lp152.5.3.1") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"alpine-debugsource-2.24-lp152.5.3.1") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"pico-5.07-lp152.5.3.1") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"pico-debuginfo-5.07-lp152.5.3.1") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"pilot-2.99-lp152.5.3.1") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"pilot-debuginfo-2.99-lp152.5.3.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "alpine / alpine-debuginfo / alpine-debugsource / pico / etc");
}