Описание
Security update for strongswan
This update for strongswan fixes the following issues:
- CVE-2017-11185: Specific RSA signatures passed to the gmp plugin for verification can cause a null-pointer dereference and it may lead to a denial of service (bsc#1051222)
Список пакетов
SUSE Linux Enterprise Server 11 SP4
strongswan-4.4.0-6.36.3.1
strongswan-doc-4.4.0-6.36.3.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
strongswan-4.4.0-6.36.3.1
strongswan-doc-4.4.0-6.36.3.1
Ссылки
- Link for SUSE-SU-2017:2293-1
- E-Mail link for SUSE-SU-2017:2293-1
- SUSE Security Ratings
- SUSE Bug 1051222
- SUSE CVE CVE-2017-11185 page
Описание
The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:strongswan-4.4.0-6.36.3.1
SUSE Linux Enterprise Server 11 SP4:strongswan-doc-4.4.0-6.36.3.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:strongswan-4.4.0-6.36.3.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:strongswan-doc-4.4.0-6.36.3.1
Ссылки
- CVE-2017-11185
- SUSE Bug 1051222
- SUSE Bug 1107874