Overview

File _patchinfo of Package patchinfo.4884

<patchinfo incident="4884">
  <issue id="1039514" tracker="bnc">VUL-0: EMBARGOED: CVE-2017-9022: strongswan: Insufficient Input Validation in gmp Plugin</issue>
  <issue id="1039515" tracker="bnc">VUL-0: EMBARGOED: CVE-2017-9023: strongswan: Incorrect x509 ASN.1 parser error handling</issue>
  <issue id="985012" tracker="bnc">VUL-1: strongswan: IKEv1 protocol is vulnerable to DoS amplification attack</issue>
  <issue id="2017-9023" tracker="cve" />
  <issue id="2017-9022" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>ndas</packager>
  <description>This update for strongswan fixes the following issues:

- CVE-2017-9022: Insufficient Input Validation in gmp Plugin leads to Denial of service (bsc#1039514)
- CVE-2017-9023: Incorrect x509 ASN.1 parser error handling could lead to Denial of service  (bsc#1039515)
- IKEv1 protocol is vulnerable to DoS amplification attack (bsc#985012)

</description>
  <summary>Security update for strongswan</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places