Описание
Security update for openvpn
This update for openvpn fixes the following issues:
- CVE-2024-28882: Fix multiple exit notifications from authenticated clients will extend the validity of a closing session (bsc#1227546)
Список пакетов
SUSE Linux Enterprise Server 12 SP5
openvpn-2.3.8-16.32.1
openvpn-auth-pam-plugin-2.3.8-16.32.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
openvpn-2.3.8-16.32.1
openvpn-auth-pam-plugin-2.3.8-16.32.1
Ссылки
- Link for SUSE-SU-2024:3532-1
- E-Mail link for SUSE-SU-2024:3532-1
- SUSE Security Ratings
- SUSE Bug 1227546
- SUSE CVE CVE-2024-28882 page
Описание
OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:openvpn-2.3.8-16.32.1
SUSE Linux Enterprise Server 12 SP5:openvpn-auth-pam-plugin-2.3.8-16.32.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:openvpn-2.3.8-16.32.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:openvpn-auth-pam-plugin-2.3.8-16.32.1
Ссылки
- CVE-2024-28882
- SUSE Bug 1227546