SUSE-SU-2015:1062-1

Опубликовано: 27 мая 2015

Источник: suse-cvrf

Описание

Security update for stunnel

This update fixes an authentication bypass when using the 'redirect' option (CVE-2015-3644, bsc#931517, backport from v5.17).

Список пакетов

SUSE Linux Enterprise Server 12

stunnel-5.00-3.1

SUSE Linux Enterprise Server for SAP Applications 12

stunnel-5.00-3.1

Ссылки

https://www.suse.com/support/update/announcement/2015/suse-su-20151062-1/
Link for SUSE-SU-2015:1062-1
https://lists.suse.com/pipermail/sle-security-updates/2015-June/001439.html
E-Mail link for SUSE-SU-2015:1062-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/931517
SUSE Bug 931517
https://www.suse.com/security/cve/CVE-2015-3644/
SUSE CVE CVE-2015-3644 page

Описание

Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.

Затронутые продукты

SUSE Linux Enterprise Server 12:stunnel-5.00-3.1

SUSE Linux Enterprise Server for SAP Applications 12:stunnel-5.00-3.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-3644.html
CVE-2015-3644
https://bugzilla.suse.com/1177580
SUSE Bug 1177580
https://bugzilla.suse.com/931517
SUSE Bug 931517

SUSE-SU-2015:1062-1

Описание

Список пакетов

SUSE Linux Enterprise Server 12

SUSE Linux Enterprise Server for SAP Applications 12

Ссылки

Уязвимость: CVE-2015-3644

Описание

Затронутые продукты

Ссылки