====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: stunnel security update
Advisory ID:       RHSA-2021:0620-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:0620
Issue date:        2021-02-22
CVE Names:         CVE-2021-20230
====================================================================

1. Summary:

An update for stunnel is now available for Red Hat Enterprise Linux 8.1 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS EUS (v. 8.1) - aarch64, ppc64le, s390x, x86_64

3. Description:

Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over an encrypted connection (encrypted using SSL or TLS) or to provide an encrypted means of connecting to services that do not natively support encryption.

Security Fix(es):

* stunnel: client certificate not correctly verified when redirect and verifyChain options are used (CVE-2021-20230)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1925226 - CVE-2021-20230 stunnel: client certificate not correctly verified when redirect and verifyChain options are used

6. Package List:

Red Hat Enterprise Linux BaseOS EUS (v. 8.1):

Source:
stunnel-5.48-6.el8_1.src.rpm

aarch64:
stunnel-5.48-6.el8_1.aarch64.rpm
stunnel-debuginfo-5.48-6.el8_1.aarch64.rpm
stunnel-debugsource-5.48-6.el8_1.aarch64.rpm

ppc64le:
stunnel-5.48-6.el8_1.ppc64le.rpm
stunnel-debuginfo-5.48-6.el8_1.ppc64le.rpm
stunnel-debugsource-5.48-6.el8_1.ppc64le.rpm

s390x:
stunnel-5.48-6.el8_1.s390x.rpm
stunnel-debuginfo-5.48-6.el8_1.s390x.rpm
stunnel-debugsource-5.48-6.el8_1.s390x.rpm

x86_64:
stunnel-5.48-6.el8_1.x86_64.rpm
stunnel-debuginfo-5.48-6.el8_1.x86_64.rpm
stunnel-debugsource-5.48-6.el8_1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-20230
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
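The condition named in CVE-2021-20230 is a service that uses both redirect and verifyChain. The following is an added example, not part of the Red Hat or openSUSE advisory: a small audit that lists the service sections of a stunnel configuration where that combination is in effect. The sample configuration and service names are constructed, and the script assumes option names are case-insensitive and that options placed before the first section act as defaults for every service.

```python
import re

# Constructed sample stunnel.conf (not from the advisory); service names are hypothetical.
SAMPLE_CONF = """\
; global defaults
verifyChain = yes
CAfile = /etc/stunnel/ca.pem

[web]
accept = 443
connect = 127.0.0.1:8080
redirect = 127.0.0.1:8081

[mail]
accept = 993
connect = 127.0.0.1:143
verifyChain = no
redirect = 127.0.0.1:1143

[db]
accept = 5433
connect = 127.0.0.1:5432
"""

def parse_services(text):
    """Return {service: options}; options set before the first [section] are defaults."""
    defaults, services, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":      # skip blanks and comments
            continue
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:                                # new service inherits the defaults
            current = services.setdefault(m.group(1), dict(defaults))
            continue
        key, sep, value = line.partition("=")
        if sep:
            target = defaults if current is None else current
            target[key.strip().lower()] = value.strip()
    return services

def affected_services(text):
    """Services combining redirect with verifyChain = yes (the CVE-2021-20230 condition)."""
    return sorted(
        name for name, opts in parse_services(text).items()
        if "redirect" in opts and opts.get("verifychain", "no").lower() == "yes"
    )

if __name__ == "__main__":
    for name in affected_services(SAMPLE_CONF):
        print(f"[{name}] uses redirect with verifyChain = yes; confirm stunnel is updated")
```

A service flagged here only matters on a host still running an unpatched stunnel package, so pair the result with a check of the installed package version against the fixed builds listed in the advisories.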
   openSUSE Security Update: Security update for stunnel
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:0160-1
Rating:             moderate
References:         #1177580 #1178533
Affected Products:
                    openSUSE Leap 15.2
______________________________________________________________________________

   An update that contains security fixes can now be installed.

Description:

   This update for stunnel fixes the following issues:

   Security issue fixed:

   - The "redirect" option was fixed to properly handle "verifyChain = yes" (bsc#1177580).

   Non-security issues fixed:

   - Fix startup problem of the stunnel daemon (bsc#1178533)

   - update to 5.57:
     * Security bugfixes
     * New features
       - New securityLevel configuration file option.
       - Support for modern PostgreSQL clients
       - TLS 1.3 configuration updated for better compatibility.
     * Bugfixes
       - Fixed a transfer() loop bug.
       - Fixed memory leaks on configuration reloading errors.
       - DH/ECDH initialization restored for client sections.
       - Delay startup with systemd until network is online.
       - A number of testing framework fixes and improvements.

   - update to 5.56:
     - Various text files converted to Markdown format.
     - Support for realpath(3) implementations incompatible with POSIX.1-2008, such as 4.4BSD or Solaris.
     - Support for engines without PRNG seeding methods (thx to Petr Mikhalitsyn).
     - Retry unsuccessful port binding on configuration file reload.
     - Thread safety fixes in SSL_SESSION object handling.
     - Terminate clients on exit in the FORK threading model.

   - Fixup stunnel.conf handling:
     * Remove old static openSUSE provided stunnel.conf.
     * Use upstream stunnel.conf and tailor it for openSUSE using sed.
     * Don't show README.openSUSE when installing.

   - enable /etc/stunnel/conf.d
   - re-enable openssl.cnf

   This update was imported from the SUSE:SLE-15-SP2:Update update project.

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.2:

      zypper in -t patch openSUSE-2021-160=1

Package List:

   - openSUSE Leap 15.2 (noarch):

      stunnel-doc-5.57-lp152.2.3.1

   - openSUSE Leap 15.2 (x86_64):

      stunnel-5.57-lp152.2.3.1
      stunnel-debuginfo-5.57-lp152.2.3.1
      stunnel-debugsource-5.57-lp152.2.3.1

References:

   https://bugzilla.suse.com/1177580
   https://bugzilla.suse.com/1178533

LinuxSecurity.com Team