Описание
Security update for openconnect
This update for openconnect fixes the following issues:
Security issue fixed:
- CVE-2020-12105: Fixed the improper handling of negative return values from X509_check_ function calls that might have allowed MITM attacks (bsc#1170452).
Список пакетов
SUSE Linux Enterprise Workstation Extension 15 SP1
openconnect-7.08-6.6.1
openconnect-devel-7.08-6.6.1
openconnect-lang-7.08-6.6.1
Ссылки
- Link for SUSE-SU-2020:1337-1
- E-Mail link for SUSE-SU-2020:1337-1
- SUSE Security Ratings
- SUSE Bug 1170452
- SUSE CVE CVE-2020-12105 page
Описание
OpenConnect through 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks.
Затронутые продукты
SUSE Linux Enterprise Workstation Extension 15 SP1:openconnect-7.08-6.6.1
SUSE Linux Enterprise Workstation Extension 15 SP1:openconnect-devel-7.08-6.6.1
SUSE Linux Enterprise Workstation Extension 15 SP1:openconnect-lang-7.08-6.6.1
Ссылки
- CVE-2020-12105
- SUSE Bug 1170452