U radu programskog paketa openconnect uočena su i ispravljena dva nedostatka. Zlonamjeni korisnici mogu iskoristiti navedene ranjivosti za napad uskraćivanjem usluga.
| Paket: | openconnect 3.x |
| Operacijski sustavi: | Fedora 15, Fedora 16, Fedora 17 |
| Problem: | neodgovarajuća provjera ulaznih podataka, preljev međuspremnika |
| Iskorištavanje: | udaljeno |
| Posljedica: | uskraćivanje usluga (DoS) |
| Rješenje: | programska zakrpa proizvođača |
| Izvorni ID preporuke: | FEDORA-2012-6689 |
| Izvor: | Fedora |
| Problem: | |
| Nedostaci su vezani uz preljev međuspremnika i neodgovarajuću obradu libproxy rezulatata. |
|
| Posljedica: | |
| Napadači mogu navedene ranjivosti iskoristiti za DoS (eng. Denial of Service, DoS) napad. |
|
| Rješenje: | |
| Korisnicima se savjetuje instalacija programskih rješenja proizvođača koji otklanjaju opisane propuste. |
|
Izvorni tekst preporuke
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-6689
2012-04-26 19:21:00
--------------------------------------------------------------------------------
Name : openconnect
Product : Fedora 17
Version : 3.18
Release : 1.fc17
URL : http://www.infradead.org/openconnect.html
Summary : Open client for Cisco AnyConnect VPN
Description :
This package provides a client for Cisco's "AnyConnect" VPN, which uses
HTTPS and DTLS protocols.
--------------------------------------------------------------------------------
Update Information:
This update fixes a potential buffer overrun when handling the greeting
banner from the server.
This update fixes a potential crash when processing libproxy results,
and introduces some performance improvements.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update openconnect' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-6758
2012-04-27 05:20:49
--------------------------------------------------------------------------------
Name : openconnect
Product : Fedora 16
Version : 3.18
Release : 1.fc16
URL : http://www.infradead.org/openconnect.html
Summary : Open client for Cisco AnyConnect VPN
Description :
This package provides a client for Cisco's "AnyConnect" VPN, which uses
HTTPS and DTLS protocols.
--------------------------------------------------------------------------------
Update Information:
This update fixes a potential buffer overrun when handling the greeting
banner from the server.
This update fixes a potential crash when processing libproxy results, and
introduces some performance improvement
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 26 2012 David Woodhouse <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.18-1
- Update to 3.18.
* Fri Apr 20 2012 David Woodhouse <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.17-1
- Update to 3.17.
* Sun Apr 8 2012 David Woodhouse <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.16-1
- Update to 3.16.
* Fri Jan 13 2012 Fedora Release Engineering <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> -
3.15-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Fri Nov 25 2011 David Woodhouse <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.15-1
- Update to 3.15.
* Fri Sep 30 2011 David Woodhouse <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.14-1
- Update to 3.14.
* Fri Sep 30 2011 David Woodhouse <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.13-1
- Update to 3.13. (Add localisation support, --cert-expire-warning)
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update openconnect' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-6730
2012-04-27 05:19:01
--------------------------------------------------------------------------------
Name : openconnect
Product : Fedora 15
Version : 3.18
Release : 1.fc15
URL : http://www.infradead.org/openconnect.html
Summary : Open client for Cisco AnyConnect VPN
Description :
This package provides a client for Cisco's "AnyConnect" VPN, which uses
HTTPS and DTLS protocols.
--------------------------------------------------------------------------------
Update Information:
This update fixes a potential buffer overrun when handling the greeting
banner from the server.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 26 2012 David Woodhouse <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.18-1
- Update to 3.18.
* Fri Apr 20 2012 David Woodhouse <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.17-1
- Update to 3.17.
* Sun Apr 8 2012 David Woodhouse <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.16-1
- Update to 3.16.
* Fri Jan 13 2012 Fedora Release Engineering <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> -
3.15-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Fri Nov 25 2011 David Woodhouse <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.15-1
- Update to 3.15.
* Fri Sep 30 2011 David Woodhouse <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.14-1
- Update to 3.14.
* Fri Sep 30 2011 David Woodhouse <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.13-1
- Update to 3.13. (Add localisation support, --cert-expire-warning)
* Mon Sep 12 2011 David Woodhouse <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.12-1
* Update to 3.12. (Fix DTLS compatibility issue with new ASA firmware)
* Wed Jul 20 2011 David Woodhouse <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.11-1
- Update to 3.11. (Fix compatibility issue with servers requiring TLS)
* Thu Jun 30 2011 David Woodhouse <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.10-1
- Update to 3.10. (Drop static library, ship libopenconnect.so.1)
* Tue Apr 19 2011 David Woodhouse <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.02-2
- Fix manpage (new tarball)
* Tue Apr 19 2011 David Woodhouse <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.02-1
- Update to 3.02.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update openconnect' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Posljednje sigurnosne preporuke