Описание
Security update for openconnect
This update for openconnect fixes the following issues:
- CVE-2020-12823: Fixed a buffer overflow via crafted certificate data which could have led to denial of service (bsc#1171862).
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.1
openconnect-7.08-lp151.6.9.1
openconnect-devel-7.08-lp151.6.9.1
openconnect-doc-7.08-lp151.6.9.1
openconnect-lang-7.08-lp151.6.9.1
Ссылки
- E-Mail link for openSUSE-SU-2020:0997-1
- SUSE Security Ratings
- SUSE Bug 1171862
- SUSE CVE CVE-2020-12823 page
Описание
OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c.
Затронутые продукты
openSUSE Leap 15.1:openconnect-7.08-lp151.6.9.1
openSUSE Leap 15.1:openconnect-devel-7.08-lp151.6.9.1
openSUSE Leap 15.1:openconnect-doc-7.08-lp151.6.9.1
openSUSE Leap 15.1:openconnect-lang-7.08-lp151.6.9.1
Ссылки
- CVE-2020-12823
- SUSE Bug 1171862