Описание
Security update for openconnect
This update for openconnect fixes the following issues:
- CVE-2020-12823: Fixed a buffer overflow via crafted certificate data which could have led to denial of service (bsc#1171862).
Список пакетов
SUSE Linux Enterprise Workstation Extension 15 SP1
openconnect-7.08-6.9.1
openconnect-devel-7.08-6.9.1
openconnect-lang-7.08-6.9.1
SUSE Linux Enterprise Workstation Extension 15 SP2
openconnect-7.08-6.9.1
openconnect-devel-7.08-6.9.1
openconnect-lang-7.08-6.9.1
Ссылки
- Link for SUSE-SU-2020:1930-1
- E-Mail link for SUSE-SU-2020:1930-1
- SUSE Security Ratings
- SUSE Bug 1171862
- SUSE CVE CVE-2020-12823 page
Описание
OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c.
Затронутые продукты
SUSE Linux Enterprise Workstation Extension 15 SP1:openconnect-7.08-6.9.1
SUSE Linux Enterprise Workstation Extension 15 SP1:openconnect-devel-7.08-6.9.1
SUSE Linux Enterprise Workstation Extension 15 SP1:openconnect-lang-7.08-6.9.1
SUSE Linux Enterprise Workstation Extension 15 SP2:openconnect-7.08-6.9.1
Ссылки
- CVE-2020-12823
- SUSE Bug 1171862