SUSE:SLE-12-SP1:GA
File _patchinfo of Package patchinfo.5452
<patchinfo incident="5452">
  <packager>ndas</packager>
  <issue tracker="cve" id="2018-16151"/>
  <issue tracker="cve" id="2018-5388"/>
  <issue tracker="cve" id="2018-17540"/>
  <issue tracker="cve" id="2018-10811"/>
  <issue tracker="cve" id="2018-16152"/>
  <issue tracker="bnc" id="1094462">VUL-0: CVE-2018-5388: strongswan: buffer underflow in stroke_socket.c</issue>
  <issue tracker="bnc" id="1093536">VUL-0: CVE-2018-10811: strongswan: denial-of-service vulnerability in strongSwan</issue>
  <issue tracker="bnc" id="1107874">VUL-0: CVE-2018-16151, CVE-2018-16152: strongswan: several flaws in the gmp plugin that may lead to an authorization bypass vulnerability</issue>
  <issue tracker="bnc" id="1109845">VUL-0: CVE-2018-17540: strongswan: Insufficient input validation in gmp plugin</issue>
  <issue tracker="bnc" id="1009254">strongswan: connection to SonicWall fails in Xauth stage</issue>
  <issue tracker="bnc" id="1071853">Strongswan-5.1.3 scep client fails when the scep server URL is used with HTTPS protocol</issue>
  <category>security</category>
  <rating>important</rating>
  <summary>Security update for strongswan</summary>
  <description>This update for strongswan provides the following fixes:

Security issues fixed:

- CVE-2018-5388: Fixed a buffer underflow which may allow a remote attacker with local user credentials to cause resource exhaustion and denial of service while reading from the socket (bsc#1094462).
- CVE-2018-10811: Fixed a denial of service during the IKEv2 key derivation if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF (bsc#1093536).
- CVE-2018-16151, CVE-2018-16152: Fixed multiple flaws in the gmp plugin which might lead to authorization bypass (bsc#1107874).
- CVE-2018-17540: Fixed an improper input validation in the gmp plugin (bsc#1109845).

Other issues addressed:

- Fixed some client failures when the scep server URL is used with the HTTPS protocol (bsc#1071853).
- Reject Diffie-Hellman key exchanges using primes smaller than 1024 bit.
- Handle unexpected informational message from SonicWall (bsc#1009254).
</description>
</patchinfo>