File _patchinfo of Package patchinfo.10640
<issue tracker="bnc" id="1092206">openwsman Web Directories Listable Vulnerability</issue>
<issue tracker="bnc" id="1122623">VUL-0: CVE-2019-3816, CVE-2019-3833: openwsman: Information disclosure and denial of service in openwsman</issue>
<issue tracker="cve" id="2019-3816"/>
<issue tracker="cve" id="2019-3833"/>
<description>This update for openwsman fixes the following issues:
Security issues fixed:
- CVE-2019-3816: Fixed a vulnerability in openwsmand deamon which could lead to arbitary file disclosure (bsc#1122623).
- CVE-2019-3833: Fixed a vulnerability in process_connection() which could allow an attacker to trigger an infinite
loop which leads to Denial of Service (bsc#1122623).
Other issues addressed:
- Added OpenSSL 1.1 compatibility
- Compilation in debug mode fixed
- Directory listing without authentication fixed (bsc#1092206).
<summary>Security update for openwsman</summary>