Overview

File _patchinfo of Package patchinfo.18949

<patchinfo incident="18949">
  <issue tracker="bnc" id="1179908">VUL-0: open-iscsi: AMENSIA:33 various issues uIP affect open-iscsi uip copy</issue>
  <issue tracker="bnc" id="1173886">x-systemd.requires=iscsi.service fstab option breaks mounting if logging to one target fails</issue>
  <issue tracker="bnc" id="1183421">iscsi systemd login service needs to use the "no wait" iscsiadm option for login</issue>
  <issue tracker="cve" id="2020-13988"/>
  <issue tracker="cve" id="2020-17438"/>
  <issue tracker="cve" id="2020-13987"/>
  <issue tracker="cve" id="2020-17437"/>
  <packager>lee_duncan</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for open-iscsi</summary>
  <description>This update for open-iscsi fixes the following issues:

- CVE-2020-17437: uIP Out-of-Bounds Write (bsc#1179908)
- CVE-2020-17438: uIP Out-of-Bounds Write (bsc#1179908)
- CVE-2020-13987: uIP Out-of-Bounds Read (bsc#1179908)
- CVE-2020-13988: uIP Integer Overflow (bsc#1179908)
- Enabled no-wait ("-W") iscsiadm option for iscsi login service (bsc#1173886, bsc#1183421)
- Added the ability to perform async logins (bsc#1173886)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places