Описание
Security update for openconnect
This update for openconnect fixes the following issues:
- CVE-2020-12823: Fixed a buffer overflow via crafted certificate data which could have led to denial of service (bsc#1171862).
Список пакетов
SUSE Linux Enterprise Workstation Extension 12 SP4
openconnect-7.08-3.12.1
openconnect-lang-7.08-3.12.1
SUSE Linux Enterprise Workstation Extension 12 SP5
openconnect-7.08-3.12.1
openconnect-lang-7.08-3.12.1
Ссылки
- Link for SUSE-SU-2020:1807-1
- E-Mail link for SUSE-SU-2020:1807-1
- SUSE Security Ratings
- SUSE Bug 1171862
- SUSE CVE CVE-2020-12823 page
Описание
OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c.
Затронутые продукты
SUSE Linux Enterprise Workstation Extension 12 SP4:openconnect-7.08-3.12.1
SUSE Linux Enterprise Workstation Extension 12 SP4:openconnect-lang-7.08-3.12.1
SUSE Linux Enterprise Workstation Extension 12 SP5:openconnect-7.08-3.12.1
SUSE Linux Enterprise Workstation Extension 12 SP5:openconnect-lang-7.08-3.12.1
Ссылки
- CVE-2020-12823
- SUSE Bug 1171862