Description
Security update for strongswan
This update for strongswan fixes the following issues:
Security issues fixed:
- CVE-2022-40617: Fixed that using untrusted URIs for revocation checking could lead to denial of service (bsc#1203556)
Feature changes:
- Enable Marvell plugin (jsc#SLE-20151)
Package list
SUSE Linux Enterprise Module for Basesystem 15 SP4
strongswan-5.8.2-150400.19.3.3
strongswan-doc-5.8.2-150400.19.3.3
strongswan-hmac-5.8.2-150400.19.3.3
strongswan-ipsec-5.8.2-150400.19.3.3
strongswan-libs0-5.8.2-150400.19.3.3
SUSE Linux Enterprise Module for Package Hub 15 SP4
strongswan-nm-5.8.2-150400.19.3.3
SUSE Linux Enterprise Workstation Extension 15 SP4
strongswan-nm-5.8.2-150400.19.3.3
openSUSE Leap 15.4
strongswan-5.8.2-150400.19.3.3
strongswan-doc-5.8.2-150400.19.3.3
strongswan-hmac-5.8.2-150400.19.3.3
strongswan-ipsec-5.8.2-150400.19.3.3
strongswan-libs0-5.8.2-150400.19.3.3
strongswan-mysql-5.8.2-150400.19.3.3
strongswan-nm-5.8.2-150400.19.3.3
strongswan-sqlite-5.8.2-150400.19.3.3
References
- Link for SUSE-SU-2022:4197-1
- E-Mail link for SUSE-SU-2022:4197-1
- SUSE Security Ratings
- SUSE Bug 1203556
- SUSE CVE CVE-2022-40617 page
Description
strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake, or sends an excessive amount of application data.
Affected products
SUSE Linux Enterprise Module for Basesystem 15 SP4:strongswan-5.8.2-150400.19.3.3
SUSE Linux Enterprise Module for Basesystem 15 SP4:strongswan-doc-5.8.2-150400.19.3.3
SUSE Linux Enterprise Module for Basesystem 15 SP4:strongswan-hmac-5.8.2-150400.19.3.3
SUSE Linux Enterprise Module for Basesystem 15 SP4:strongswan-ipsec-5.8.2-150400.19.3.3
References
- CVE-2022-40617
- SUSE Bug 1203556