Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:1029-1

Опубликовано: 29 мар. 2022
Источник: suse-cvrf

Описание

Security update for openvpn

This update for openvpn fixes the following issues:

  • CVE-2022-0547: Fixed possible authentication bypass in external authentication plug-in (bsc#1197341).

Список пакетов

SUSE Enterprise Storage 6
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Enterprise Storage 7
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Linux Enterprise High Performance Computing 15-LTSS
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Linux Enterprise Real Time 15 SP2
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Linux Enterprise Server 15 SP1-BCL
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Linux Enterprise Server 15 SP1-LTSS
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Linux Enterprise Server 15 SP2-BCL
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Linux Enterprise Server 15 SP2-LTSS
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Linux Enterprise Server 15-LTSS
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Linux Enterprise Server for SAP Applications 15
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Manager Proxy 4.1
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Manager Retail Branch Server 4.1
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1
SUSE Manager Server 4.1
openvpn-2.4.3-150000.5.10.1
openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
openvpn-devel-2.4.3-150000.5.10.1

Описание

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.


Затронутые продукты
SUSE Enterprise Storage 6:openvpn-2.4.3-150000.5.10.1
SUSE Enterprise Storage 6:openvpn-auth-pam-plugin-2.4.3-150000.5.10.1
SUSE Enterprise Storage 6:openvpn-devel-2.4.3-150000.5.10.1
SUSE Enterprise Storage 7:openvpn-2.4.3-150000.5.10.1

Ссылки
Уязвимость SUSE-SU-2022:1029-1