Mailinglist Archive: opensuse-updates (86 mails)

< Previous Next >
openSUSE-SU-2014:0715-1: moderate: PostfixAdmin: update to 2.3.7
openSUSE Security Update: PostfixAdmin: update to 2.3.7

Announcement ID: openSUSE-SU-2014:0715-1
Rating: moderate
References: #870434
Cross-References: CVE-2014-2655
Affected Products:
openSUSE 13.1
openSUSE 12.3

An update that fixes one vulnerability is now available.


Update PostfixAdmin to 2.3.7:
- fix a SQL injection in list-virtual.php (CVE-2014-2655, bnc#870434)
- add support for new longer TLDs like .international
- fix various small bugs
- translation updates for lt and da
- disable use of TLS by default due to a bug in Mail::Sender
0.8.22 (you can re-enable it with $smtp_tls_allowed)

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch openSUSE-2014-393

- openSUSE 12.3:

zypper in -t patch openSUSE-2014-393

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE 13.1 (noarch):


- openSUSE 12.3 (noarch):



< Previous Next >
This Thread
  • No further messages