Lucene search
SuseOPENSUSE-SU-2021:0669-1HistoryMay 05, 2021 - 12:00 a.m.
Security update for postsrsd (moderate)
2021-05-0500:00:00
lists.opensuse.org
18
postsrsd
1.11
1.6
privilege escalation
email address vulnerability
sha-1
dual stack support
srs separator configurable
opensuse
cve-2020-35573
EPSS
0.007
Percentile
80.1%
An update that fixes one vulnerability is now available.
Description:
This update for postsrsd fixes the following issues:
Update to release 1.11 [boo#1180251]
- Drop group privileges as well as user privileges
- Fixed: The subprocess that talks to Postfix could be caused to hang with
a very long email address. [CVE-2020-35573]
Update to release 1.6
- Fix endianness issue with SHA-1 implementation
- Add dual stack support
- Make SRS separator configurable
This update was imported from the openSUSE:Leap:15.2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Backports SLE-15-SP2:
zypper in -t patch openSUSE-2021-669=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Backports SLE | 15-SP2 | aarch64 | - opensuse backports sle | < 15-SP2 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.aarch64.rpm |
| openSUSE Backports SLE | 15-SP2 | ppc64le | - opensuse backports sle | < 15-SP2 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm |
| openSUSE Backports SLE | 15-SP2 | s390x | - opensuse backports sle | < 15-SP2 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.s390x.rpm |
| openSUSE Backports SLE | 15-SP2 | x86_64 | - opensuse backports sle | < 15-SP2 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.x86_64.rpm |
Related
nessus
nessus
Ubuntu 18.04 LTS : PostSRSd vulnerability (USN-4730-1)
2021-02-11 00:00:00
Debian DLA-2502-1 : postsrsd security update
2020-12-21 00:00:00
prion
prion
Code injection
2020-12-20 05:15:00
osv
osv
CVE-2020-35573
2020-12-20 05:15:09
postsrsd vulnerability
2021-02-10 23:07:25
postsrsd-1.11-1.3 on GA media
2024-06-15 00:00:00
nvd
nvd
CVE-2020-35573
2020-12-20 05:15:09
openvas
openvas
openSUSE: Security Advisory for postsrsd (openSUSE-SU-2021:0646-1)
2021-05-02 00:00:00
Debian: Security Advisory (DLA-2502-1)
2020-12-21 00:00:00
Ubuntu: Security Advisory (USN-4730-1)
2021-02-11 00:00:00
debiancve
debiancve
CVE-2020-35573
2020-12-20 05:15:09
ubuntu
ubuntu
PostSRSd vulnerability
2021-02-10 00:00:00
alpinelinux
alpinelinux
CVE-2020-35573
2020-12-20 05:15:09
freebsd
freebsd
postsrsd -- Denial of service vulnerability
2020-12-12 00:00:00
suse
suse
Security update for postrsd (moderate)
2021-12-30 00:00:00
Security update for postsrsd (moderate)
2021-05-01 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-12-20 21:38:50
debian
debian
[SECURITY] [DLA 2502-1] postsrsd security update
2020-12-20 22:16:43
ubuntucve
ubuntucve
CVE-2020-35573
2020-12-20 00:00:00
cvelist
cvelist
CVE-2020-35573
2020-12-20 04:53:41
cve
cve
CVE-2020-35573
2020-12-20 05:15:09
gentoo
gentoo
PostSRSd: Denial of service
2021-07-06 00:00:00