An update that solves two vulnerabilities, contains three
features and has four fixes is now available.
Description:
This update for fetchmail fixes the following issues:
CVE-2021-36386: Fixed DoS or information disclosure in some
configurations (bsc#1188875).
CVE-2021-39272: Fixed STARTTLS session encryption bypassing
(fetchmail-SA-2021-02) (bsc#1190069).
Update to 6.4.22 (bsc#1152964, jsc#SLE-18159, jsc#SLE-17903,
jsc#SLE-18059)
Remove all python2 dependencies (bsc#1190896).
De-hardcode /usr/lib path for launch executable (bsc#1174075).
Added hardening to systemd service(s) (bsc#1181400).
This update was imported from the SUSE:SLE-15:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-1591=1
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE Leap | 15.2 | x86_64 | < - openSUSE Leap 15.2 (x86_64): | - openSUSE Leap 15.2 (x86_64):.x86_64.rpm |