SUSE-SU-2022:0211-1

Опубликовано: 27 янв. 2022

Источник: suse-cvrf

Описание

Security update for strongswan

This update for strongswan fixes the following issues:

CVE-2021-45079: Fixed authentication bypass in EAP authentication. (bsc#1194471)

Список пакетов

SUSE Enterprise Storage 6

strongswan-5.8.2-4.17.1

strongswan-doc-5.8.2-4.17.1

strongswan-hmac-5.8.2-4.17.1

strongswan-ipsec-5.8.2-4.17.1

strongswan-libs0-5.8.2-4.17.1

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

strongswan-5.8.2-4.17.1

strongswan-doc-5.8.2-4.17.1

strongswan-hmac-5.8.2-4.17.1

strongswan-ipsec-5.8.2-4.17.1

strongswan-libs0-5.8.2-4.17.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

strongswan-5.8.2-4.17.1

strongswan-doc-5.8.2-4.17.1

strongswan-hmac-5.8.2-4.17.1

strongswan-ipsec-5.8.2-4.17.1

strongswan-libs0-5.8.2-4.17.1

SUSE Linux Enterprise High Performance Computing 15-ESPOS

strongswan-5.8.2-4.17.1

strongswan-doc-5.8.2-4.17.1

strongswan-hmac-5.8.2-4.17.1

strongswan-ipsec-5.8.2-4.17.1

strongswan-libs0-5.8.2-4.17.1

SUSE Linux Enterprise High Performance Computing 15-LTSS

strongswan-5.8.2-4.17.1

strongswan-doc-5.8.2-4.17.1

strongswan-hmac-5.8.2-4.17.1

strongswan-ipsec-5.8.2-4.17.1

strongswan-libs0-5.8.2-4.17.1

SUSE Linux Enterprise Server 15 SP1-BCL

strongswan-5.8.2-4.17.1

strongswan-doc-5.8.2-4.17.1

strongswan-hmac-5.8.2-4.17.1

strongswan-ipsec-5.8.2-4.17.1

strongswan-libs0-5.8.2-4.17.1

SUSE Linux Enterprise Server 15 SP1-LTSS

strongswan-5.8.2-4.17.1

strongswan-doc-5.8.2-4.17.1

strongswan-hmac-5.8.2-4.17.1

strongswan-ipsec-5.8.2-4.17.1

strongswan-libs0-5.8.2-4.17.1

SUSE Linux Enterprise Server 15-LTSS

strongswan-5.8.2-4.17.1

strongswan-doc-5.8.2-4.17.1

strongswan-hmac-5.8.2-4.17.1

strongswan-ipsec-5.8.2-4.17.1

strongswan-libs0-5.8.2-4.17.1

SUSE Linux Enterprise Server for SAP Applications 15

strongswan-5.8.2-4.17.1

strongswan-doc-5.8.2-4.17.1

strongswan-hmac-5.8.2-4.17.1

strongswan-ipsec-5.8.2-4.17.1

strongswan-libs0-5.8.2-4.17.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

strongswan-5.8.2-4.17.1

strongswan-doc-5.8.2-4.17.1

strongswan-hmac-5.8.2-4.17.1

strongswan-ipsec-5.8.2-4.17.1

strongswan-libs0-5.8.2-4.17.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20220211-1/
Link for SUSE-SU-2022:0211-1
https://lists.suse.com/pipermail/sle-security-updates/2022-January/010126.html
E-Mail link for SUSE-SU-2022:0211-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1194471
SUSE Bug 1194471
https://www.suse.com/security/cve/CVE-2021-45079/
SUSE CVE CVE-2021-45079 page

Описание

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.

Затронутые продукты

SUSE Enterprise Storage 6:strongswan-5.8.2-4.17.1

SUSE Enterprise Storage 6:strongswan-doc-5.8.2-4.17.1

SUSE Enterprise Storage 6:strongswan-hmac-5.8.2-4.17.1

SUSE Enterprise Storage 6:strongswan-ipsec-5.8.2-4.17.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-45079.html
CVE-2021-45079
https://bugzilla.suse.com/1194471
SUSE Bug 1194471

SUSE-SU-2022:0211-1

Описание

Список пакетов

SUSE Enterprise Storage 6

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

SUSE Linux Enterprise High Performance Computing 15-ESPOS

SUSE Linux Enterprise High Performance Computing 15-LTSS

SUSE Linux Enterprise Server 15 SP1-BCL

SUSE Linux Enterprise Server 15 SP1-LTSS

SUSE Linux Enterprise Server 15-LTSS

SUSE Linux Enterprise Server for SAP Applications 15

SUSE Linux Enterprise Server for SAP Applications 15 SP1

Ссылки

Уязвимость: CVE-2021-45079

Описание

Затронутые продукты

Ссылки