openSUSE-SU-2019:2388-1

Опубликовано: 27 окт. 2019

Источник: suse-cvrf

Описание

Security update for openconnect

This update for openconnect fixes the following issues:

CVE-2019-16239: Fixed a buffer overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes. (bsc#1151178)

This update was imported from the SUSE:SLE-15:Update update project.

openconnect-7.08-lp150.5.3.1

openconnect-devel-7.08-lp150.5.3.1

openconnect-doc-7.08-lp150.5.3.1

openconnect-lang-7.08-lp150.5.3.1

process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.

openSUSE Leap 15.0:openconnect-7.08-lp150.5.3.1

openSUSE Leap 15.0:openconnect-devel-7.08-lp150.5.3.1

openSUSE Leap 15.0:openconnect-doc-7.08-lp150.5.3.1

openSUSE Leap 15.0:openconnect-lang-7.08-lp150.5.3.1