SUSE-SU-2020:1301-1

Description of the patch:

This update for mailman fixes the following issues:

Security issue fixed:

• CVE-2020-12108: Fixed a content injection bug (bsc#1171363).
• CVE-2020-12137: Fixed a XSS vulnerability caused by MIME type confusion (bsc#1170558).

Non-security issue fixed:

• Fixed rights and ownership on /var/lib/mailman/archives (bsc#1167068).
• Don't default to invalid hosts for DEFAULT_EMAIL_HOST (bsc#682920).