Security update for openfortivpn
This update for openfortivpn to version 1.12.0 fixes the following issues:
- CVE-2020-7043: Fixed a TLS Certificate CommonName NULL Byte Vulnerability (boo#1165301).
- CVE-2020-7042: Fixed use of uninitialized memory in X509_check_host (boo#1165300).
- CVE-2020-7041: Fixed incorrect use of X509_check_host (boo#1165299).
-
Submitted by
Martin Hauke (mnhauke)
Fixed bugs
bnc#1165299
VUL-0: CVE-2020-7041: openfortivpn: tunnel.c mishandles certificate validation
bnc#1165300
VUL-0: CVE-2020-7042: openfortivpn: tunnel.c mishandles certificate validation because the hostname check operates on uninitialized memory
bnc#1165301
VUL-0: CVE-2020-7043: openfortivpn: tunnel.c mishandles certificate validation because hostname comparisons do not consider 0 characters
