An update that solves two vulnerabilities, contains three
features and has four fixes is now available.
Description:
This update for fetchmail fixes the following issues:
CVE-2021-36386: Fixed DoS or information disclosure in some
configurations (bsc#1188875).
CVE-2021-39272: Fixed STARTTLS session encryption bypassing
(fetchmail-SA-2021-02) (bsc#1190069).
Update to 6.4.22 (bsc#1152964, jsc#SLE-18159, jsc#SLE-17903,
jsc#SLE-18059)
Remove all python2 dependencies (bsc#1190896).
De-hardcode /usr/lib path for launch executable (bsc#1174075).
Added hardening to systemd service(s) (bsc#1181400).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-4018=1
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE Leap | 15.3 | aarch64 | < - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.aarch64.rpm | |
openSUSE Leap | 15.3 | ppc64le | < - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm | |
openSUSE Leap | 15.3 | s390x | < - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.s390x.rpm | |
openSUSE Leap | 15.3 | x86_64 | < - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.x86_64.rpm |