SUSE-SU-2017:1473-1

Опубликовано: 01 июн. 2017

Источник: suse-cvrf

Описание

Security update for strongswan

This update for strongswan fixes the following issues:

CVE-2017-9022: Insufficient Input Validation in gmp Plugin leads to Denial of service (bsc#1039514)
CVE-2017-9023: Incorrect x509 ASN.1 parser error handling could lead to Denial of service (bsc#1039515)
IKEv1 protocol is vulnerable to DoS amplification attack (bsc#985012)

Список пакетов

SUSE Linux Enterprise Desktop 12 SP2

strongswan-5.1.3-25.1

strongswan-doc-5.1.3-25.1

strongswan-ipsec-5.1.3-25.1

strongswan-libs0-5.1.3-25.1

SUSE Linux Enterprise Server 12 SP2

strongswan-5.1.3-25.1

strongswan-doc-5.1.3-25.1

strongswan-hmac-5.1.3-25.1

strongswan-ipsec-5.1.3-25.1

strongswan-libs0-5.1.3-25.1

SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

strongswan-5.1.3-25.1

strongswan-doc-5.1.3-25.1

strongswan-hmac-5.1.3-25.1

strongswan-ipsec-5.1.3-25.1

strongswan-libs0-5.1.3-25.1

SUSE Linux Enterprise Server for SAP Applications 12 SP2

strongswan-5.1.3-25.1

strongswan-doc-5.1.3-25.1

strongswan-hmac-5.1.3-25.1

strongswan-ipsec-5.1.3-25.1

strongswan-libs0-5.1.3-25.1

Ссылки

https://www.suse.com/support/update/announcement/2017/suse-su-20171473-1/
Link for SUSE-SU-2017:1473-1
https://lists.suse.com/pipermail/sle-security-updates/2017-June/002934.html
E-Mail link for SUSE-SU-2017:1473-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1039514
SUSE Bug 1039514
https://bugzilla.suse.com/1039515
SUSE Bug 1039515
https://bugzilla.suse.com/985012
SUSE Bug 985012
https://www.suse.com/security/cve/CVE-2017-9022/
SUSE CVE CVE-2017-9022 page
https://www.suse.com/security/cve/CVE-2017-9023/
SUSE CVE CVE-2017-9023 page

Описание

The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and process crash) via a crafted certificate.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP2:strongswan-5.1.3-25.1

SUSE Linux Enterprise Desktop 12 SP2:strongswan-doc-5.1.3-25.1

SUSE Linux Enterprise Desktop 12 SP2:strongswan-ipsec-5.1.3-25.1

SUSE Linux Enterprise Desktop 12 SP2:strongswan-libs0-5.1.3-25.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-9022.html
CVE-2017-9022
https://bugzilla.suse.com/1039514
SUSE Bug 1039514

Описание

The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP2:strongswan-5.1.3-25.1

SUSE Linux Enterprise Desktop 12 SP2:strongswan-doc-5.1.3-25.1

SUSE Linux Enterprise Desktop 12 SP2:strongswan-ipsec-5.1.3-25.1

SUSE Linux Enterprise Desktop 12 SP2:strongswan-libs0-5.1.3-25.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-9023.html
CVE-2017-9023
https://bugzilla.suse.com/1039515
SUSE Bug 1039515

SUSE-SU-2017:1473-1

Описание

Список пакетов

SUSE Linux Enterprise Desktop 12 SP2

SUSE Linux Enterprise Server 12 SP2

SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

SUSE Linux Enterprise Server for SAP Applications 12 SP2

Ссылки

Уязвимость: CVE-2017-9022

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2017-9023

Описание

Затронутые продукты

Ссылки