Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

openSUSE: 2019:2594-1 Important: StrongSwan DoS Risk Mitigated

opensuse
Calendar Grey November 30, 2019
Dist Opensuse Esm H88
A security advisory for openSUSE details strongswan updates that mitigate denial of service risks with installation instructions.
An update that fixes 5 vulnerabilities is now available.

Description

This update for strongswan fixes the following issues:

Security issues fixed:

- CVE-2018-5388: Fixed a buffer underflow which may allow to a remote

attacker with local user credentials to resource exhaustion and denial

of service while reading from the socket (bsc#1094462).

- CVE-2018-10811: Fixed a denial of service during the IKEv2 key

derivation if the openssl plugin is used in FIPS mode and HMAC-MD5 is

negotiated as PRF (bsc#1093536).

- CVE-2018-16151,CVE-2018-16152: Fixed multiple flaws in the gmp plugin

which might lead to authorization bypass (bsc#1107874).

- CVE-2018-17540: Fixed an improper input validation in gmp plugin

(bsc#1109845).

This update was imported from the SUSE:SLE-15:Update update project.

Topics%20covered

Topics Covered

security advisory DoS important openSUSE strongswan

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-2594=1

Package List

- openSUSE Leap 15.0 (noarch):

strongswan-doc-5.6.0-lp150.3.3.1

- openSUSE Leap 15.0 (x86_64):

strongswan-5.6.0-lp150.3.3.1

strongswan-debuginfo-5.6.0-lp150.3.3.1

strongswan-debugsource-5.6.0-lp150.3.3.1

strongswan-hmac-5.6.0-lp150.3.3.1

strongswan-ipsec-5.6.0-lp150.3.3.1

strongswan-ipsec-debuginfo-5.6.0-lp150.3.3.1

strongswan-libs0-5.6.0-lp150.3.3.1

strongswan-libs0-debuginfo-5.6.0-lp150.3.3.1

strongswan-mysql-5.6.0-lp150.3.3.1

strongswan-mysql-debuginfo-5.6.0-lp150.3.3.1

strongswan-nm-5.6.0-lp150.3.3.1

strongswan-nm-debuginfo-5.6.0-lp150.3.3.1

strongswan-sqlite-5.6.0-lp150.3.3.1

strongswan-sqlite-debuginfo-5.6.0-lp150.3.3.1

References

https://www.suse.com/security/cve/CVE-2018-10811.html

https://www.suse.com/security/cve/CVE-2018-16151.html

https://www.suse.com/security/cve/CVE-2018-16152.html

https://www.suse.com/security/cve/CVE-2018-17540.html

https://www.suse.com/security/cve/CVE-2018-5388.html

https://bugzilla.suse.com/1093536

https://bugzilla.suse.com/1094462

https://bugzilla.suse.com/1107874

https://bugzilla.suse.com/1109845

--

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2019:2594-1
Rating: important
Affected Products: openSUSE Leap 15.0

Topics%20covered

Topics Covered

security advisory DoS important openSUSE strongswan

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here