SUSE-SU-2017:2143-1

Опубликовано: 11 авг. 2017

Источник: suse-cvrf

Описание

Security update for strongswan

This update for strongswan fixes the following issues:

CVE-2017-11185: Specific RSA signatures passed to the gmp plugin for verification can cause a null-pointer dereference and it may lead to a denial of service (bsc#1051222)

Список пакетов

SUSE Linux Enterprise Desktop 12 SP2

strongswan-5.1.3-26.5.1

strongswan-doc-5.1.3-26.5.1

strongswan-ipsec-5.1.3-26.5.1

strongswan-libs0-5.1.3-26.5.1

SUSE Linux Enterprise Desktop 12 SP3

strongswan-5.1.3-26.5.1

strongswan-doc-5.1.3-26.5.1

strongswan-ipsec-5.1.3-26.5.1

strongswan-libs0-5.1.3-26.5.1

SUSE Linux Enterprise Server 12 SP2

strongswan-5.1.3-26.5.1

strongswan-doc-5.1.3-26.5.1

strongswan-hmac-5.1.3-26.5.1

strongswan-ipsec-5.1.3-26.5.1

strongswan-libs0-5.1.3-26.5.1

SUSE Linux Enterprise Server 12 SP3

strongswan-5.1.3-26.5.1

strongswan-doc-5.1.3-26.5.1

strongswan-hmac-5.1.3-26.5.1

strongswan-ipsec-5.1.3-26.5.1

strongswan-libs0-5.1.3-26.5.1

SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

strongswan-5.1.3-26.5.1

strongswan-doc-5.1.3-26.5.1

strongswan-hmac-5.1.3-26.5.1

strongswan-ipsec-5.1.3-26.5.1

strongswan-libs0-5.1.3-26.5.1

SUSE Linux Enterprise Server for SAP Applications 12 SP2

strongswan-5.1.3-26.5.1

strongswan-doc-5.1.3-26.5.1

strongswan-hmac-5.1.3-26.5.1

strongswan-ipsec-5.1.3-26.5.1

strongswan-libs0-5.1.3-26.5.1

SUSE Linux Enterprise Server for SAP Applications 12 SP3

strongswan-5.1.3-26.5.1

strongswan-doc-5.1.3-26.5.1

strongswan-hmac-5.1.3-26.5.1

strongswan-ipsec-5.1.3-26.5.1

strongswan-libs0-5.1.3-26.5.1

Ссылки

https://www.suse.com/support/update/announcement/2017/suse-su-20172143-1/
Link for SUSE-SU-2017:2143-1
https://lists.suse.com/pipermail/sle-security-updates/2017-August/003132.html
E-Mail link for SUSE-SU-2017:2143-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1051222
SUSE Bug 1051222
https://www.suse.com/security/cve/CVE-2017-11185/
SUSE CVE CVE-2017-11185 page

Описание

The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP2:strongswan-5.1.3-26.5.1

SUSE Linux Enterprise Desktop 12 SP2:strongswan-doc-5.1.3-26.5.1

SUSE Linux Enterprise Desktop 12 SP2:strongswan-ipsec-5.1.3-26.5.1

SUSE Linux Enterprise Desktop 12 SP2:strongswan-libs0-5.1.3-26.5.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-11185.html
CVE-2017-11185
https://bugzilla.suse.com/1051222
SUSE Bug 1051222
https://bugzilla.suse.com/1107874
SUSE Bug 1107874

SUSE-SU-2017:2143-1

Описание

Список пакетов

SUSE Linux Enterprise Desktop 12 SP2

SUSE Linux Enterprise Desktop 12 SP3

SUSE Linux Enterprise Server 12 SP2

SUSE Linux Enterprise Server 12 SP3

SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

SUSE Linux Enterprise Server for SAP Applications 12 SP2

SUSE Linux Enterprise Server for SAP Applications 12 SP3

Ссылки

Уязвимость: CVE-2017-11185

Описание

Затронутые продукты

Ссылки