Описание
Security update for openfortivpn
This update for openfortivpn to version 1.12.0 fixes the following issues:
- CVE-2020-7043: Fixed a TLS Certificate CommonName NULL Byte Vulnerability (boo#1165301).
- CVE-2020-7042: Fixed use of uninitialized memory in X509_check_host (boo#1165300).
- CVE-2020-7041: Fixed incorrect use of X509_check_host (boo#1165299).
Список пакетов
openSUSE Leap 15.1
Ссылки
- E-Mail link for openSUSE-SU-2020:0301-1
- SUSE Security Ratings
- SUSE Bug 1165299
- SUSE Bug 1165300
- SUSE Bug 1165301
- SUSE CVE CVE-2020-7041 page
- SUSE CVE CVE-2020-7042 page
- SUSE CVE CVE-2020-7043 page
Описание
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because an X509_check_host negative error code is interpreted as a successful return value.
Затронутые продукты
Ссылки
- CVE-2020-7041
- SUSE Bug 1165299
Описание
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because the hostname check operates on uninitialized memory. The outcome is that a valid certificate is never accepted (only a malformed certificate may be accepted).
Затронутые продукты
Ссылки
- CVE-2020-7042
- SUSE Bug 1165300
Описание
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonstrated by a good.example.com\x00evil.example.com attack.
Затронутые продукты
Ссылки
- CVE-2020-7043
- SUSE Bug 1165301