Summary: | <net-vpn/openconnect-8.09: MITM by mishandling of X509_check return values (CVE-2020-12105) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | floppym, robbat2, samba, sysadmin, williamh |
Priority: | Normal | Keywords: | CC-ARCHES |
Version: | unspecified | Flags: | nattka: sanity-check+ |
Hardware: | All | ||
OS: | Linux | ||
URL: | https://gitlab.com/openconnect/openconnect/-/merge_requests/96 | ||
Whiteboard: | B3 [glsa+ cve] | ||
Package list: |
net-vpn/openconnect-8.09-r1 amd64 arm arm64 ppc64 x86
net-vpn/ocserv-1.0.1 amd64 arm arm64 ppc64 x86
sys-auth/oath-toolkit-2.6.2 arm arm64 ppc64
dev-libs/pcl-1.12-r1 amd64 arm arm64 ppc64 x86
net-libs/socket_wrapper-1.2.3 arm64
sys-libs/nss_wrapper-1.1.6 arm64
sys-libs/uid_wrapper-1.2.7 arm64
dev-libs/xmlsec-1.2.29 arm
|
Runtime testing required: | --- |
Bug Depends on: | 718792, 721570 | ||
Bug Blocks: | 722740 |
Description
Sam James
2020-04-23 18:05:58 UTC
@maintainer(s), please keep an eye on this PR, as I will, and hopefully we can apply the patch once upstream merge it.

@maintainer(s), 8.09 has been released with a patch for this. Please bump.

Sanity check failed:
> net-vpn/openconnect-8.09
> bdepend arm64 stable profile default/linux/arm64/17.0 (9 total)
> net-libs/socket_wrapper
> sys-libs/uid_wrapper
> net-vpn/ocserv-1.0.0
> bdepend arm64 stable profile default/linux/arm64/17.0 (9 total)
> net-libs/socket_wrapper
> sys-libs/nss_wrapper
> sys-libs/uid_wrapper
> sys-auth/oath-toolkit-2.6.2
> depend arm stable profile default/linux/arm/17.0 (1 total)
> dev-libs/xmlsec
> depend arm dev profile default/linux/arm/17.0/armv4 (31 total)
> dev-libs/xmlsec
> rdepend arm stable profile default/linux/arm/17.0 (1 total)
> dev-libs/xmlsec
> rdepend arm dev profile default/linux/arm/17.0/armv4 (31 total)
> dev-libs/xmlsec
All sanity-check issues have been resolved

amd64 stable

arm64 stable

ppc64 stable

x86 stable

arm stable

----

@maintainer(s), please cleanup

[glsa-ing as part of the other bug]

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0102eabe0befa3f87d530f5fc0e5885187ed20c9

commit 0102eabe0befa3f87d530f5fc0e5885187ed20c9
Author: Mike Gilbert <floppym@gentoo.org>
AuthorDate: 2020-06-10 23:32:10 +0000
Commit: Mike Gilbert <floppym@gentoo.org>
CommitDate: 2020-06-10 23:32:10 +0000

net-vpn/openconnect: remove old

Bug: https://bugs.gentoo.org/719108
Signed-off-by: Mike Gilbert <floppym@gentoo.org>

net-vpn/openconnect/Manifest | 2 -
net-vpn/openconnect/openconnect-8.06.ebuild | 141 --------------------------
net-vpn/openconnect/openconnect-8.08.ebuild | 147 ----------------------------
3 files changed, 290 deletions(-)

This issue was resolved and addressed in GLSA 202006-15 at https://security.gentoo.org/glsa/202006-15 by GLSA coordinator Aaron Bauman (b-man).