Alerts This Week
Warning Icon 1 923
Alerts This Week
Warning Icon 1 923

openSUSE: 2024:0012-1 Important: CVE-2023-51764 SMTP Fix

opensuse
Calendar Grey January 2, 2024
Dist Opensuse Esm H88
Due to the critical CVE-2023-51764 vulnerability in Postfix, users must update installations urgently to secure mail servers against unauthorized access risks
This update for postfix fixes the following issues: CVE-2023-51764: Fixed SMTP smuggling attack (bsc#1218304).

Description

This update for postfix fixes the following issues:

* CVE-2023-51764: Fixed SMTP smuggling attack (bsc#1218304).

Topics%20covered

Topics Covered

security advisory important suse enterprise smtp attack postfix fix cve-2023-51764 leap 15.3

Patch

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like

YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 15 SP4

zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-12=1

* SUSE Manager Proxy 4.3

zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-12=1

* SUSE Manager Retail Branch Server 4.3

zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-

Server-4.3-2024-12=1

* SUSE Manager Server 4.3

zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-12=1

* SUSE Enterprise Storage 7.1

zypper in -t patch SUSE-Storage-7.1-2024-12=1

* openSUSE Leap 15.3

zypper in -t patch SUSE-2024-12=1

* openSUSE Leap 15.4

zypper in -t patch openSUSE-SLE-15.4-2024-12=1

* Basesystem Module 15-SP4

zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2024-12=1

* Legacy Module 15-SP4

zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2024-12=1

* Server...

Read the Full Advisory

Package List

* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)

* postfix-ldap-debuginfo-3.5.9-150300.5.15.1

* postfix-debugsource-3.5.9-150300.5.15.1

* postfix-mysql-debuginfo-3.5.9-150300.5.15.1

* postfix-bdb-debugsource-3.5.9-150300.5.15.1

* postfix-ldap-3.5.9-150300.5.15.1

* postfix-bdb-lmdb-debuginfo-3.5.9-150300.5.15.1

* postfix-devel-3.5.9-150300.5.15.1

* postfix-bdb-3.5.9-150300.5.15.1

* postfix-3.5.9-150300.5.15.1

* postfix-mysql-3.5.9-150300.5.15.1

* postfix-debuginfo-3.5.9-150300.5.15.1

* postfix-bdb-debuginfo-3.5.9-150300.5.15.1

* postfix-bdb-lmdb-3.5.9-150300.5.15.1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)

* postfix-doc-3.5.9-150300.5.15.1

* SUSE Manager Proxy 4.3 (x86_64)

* postfix-ldap-debuginfo-3.5.9-150300.5.15.1

* postfix-debugsource-3.5.9-150300.5.15.1

* postfix-mysql-debuginfo-3.5.9-150300.5.15.1

* postfix-ldap-3.5.9-150300.5.15.1

* postfix-devel-3.5.9-150300.5.15.1

* postfix-3.5.9-150300.5.15.1

* postfix-mysql-3.5.9-150300.5.15.1

*...

Read the Full Advisory

References

* bsc#1218304

* bsc#1218314

## References:

* https://www.suse.com/security/cve/CVE-2023-51764.html

* https://bugzilla.suse.com/show_bug.cgi?id=1218304

* https://bugzilla.suse.com/show_bug.cgi?id=1218314

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:0012-1
Rating: important

Topics%20covered

Topics Covered

security advisory important suse enterprise smtp attack postfix fix cve-2023-51764 leap 15.3

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here