Описание
Security update for openconnect
This update for openconnect fixes the following issues:
- CVE-2019-16239: Fixed a buffer overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes. (bsc#1151178)
Список пакетов
SUSE Linux Enterprise Workstation Extension 15
openconnect-7.08-6.3.1
openconnect-devel-7.08-6.3.1
openconnect-lang-7.08-6.3.1
SUSE Linux Enterprise Workstation Extension 15 SP1
openconnect-7.08-6.3.1
openconnect-devel-7.08-6.3.1
openconnect-lang-7.08-6.3.1
Ссылки
- Link for SUSE-SU-2019:2737-1
- E-Mail link for SUSE-SU-2019:2737-1
- SUSE Security Ratings
- SUSE Bug 1151178
- SUSE CVE CVE-2019-16239 page
Описание
process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.
Затронутые продукты
SUSE Linux Enterprise Workstation Extension 15 SP1:openconnect-7.08-6.3.1
SUSE Linux Enterprise Workstation Extension 15 SP1:openconnect-devel-7.08-6.3.1
SUSE Linux Enterprise Workstation Extension 15 SP1:openconnect-lang-7.08-6.3.1
SUSE Linux Enterprise Workstation Extension 15:openconnect-7.08-6.3.1
Ссылки
- CVE-2019-16239
- SUSE Bug 1151178