Commit 0c866c51 authored by Rhonda D'Vine 🏳🌈

BSA-115 salt, BSA-116 openvpn

parent fc7a332c
......@@ -112,4 +112,5 @@
112 iucode-tool
113 xrdp
114 wordpress
115 salt
116 openvpn
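Review bot: The hunk header (-112,4 +112,5) accounts for a single added line, so only one of the two entries at the end of this list (115 salt, 116 openvpn) appears to be new here, while the commit message announces both BSA-115 and BSA-116. If 115 salt was already in the index before its advisory text landed, the index pointed at a missing advisory in the meantime; adding the index entry and the advisory text in the same commit avoids that.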
[[!meta date="2017-06-26 22:16:01 UTC"]]
Al Nikolov uploaded new package for salt which fixed the
following security problem:
CVE-2017-8109
The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4
copied over configuration from the Salt Master without adjusting
permissions, which might leak credentials to local attackers on
configured minions (clients).
For the jessie-backports distribution the problems have been fixed in
version 2016.11.2+ds-1~bpo8+2.
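Review bot: The fixed version in the closing sentence, 2016.11.2+ds-1~bpo8+2, is lower than the 2016.11.4 that the CVE-2017-8109 description names as the first unaffected release, so a reader or a version-based scanner comparing the two will conclude the backport is still vulnerable. Suggest stating explicitly how the fix reached this package (for example, as a patch applied on top of 2016.11.2), so the version mismatch is explained in the advisory itself. Minor: the intro says "the following security problem" (singular) but the closing sentence says "the problems have been fixed".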
[[!meta date="2017-07-04 21:15:59 UTC"]]
Bernhard Schmidt uploaded new packages for openvpn which fixed the
following security problems:
CVE-2017-7479
It was discovered that openvpn did not properly handle the
rollover of packet identifiers. This would allow an authenticated
remote attacker to cause a denial-of-service via application
crash.
CVE-2017-7508
Guido Vranken discovered that openvpn did not properly handle
specific malformed IPv6 packets. This would allow a remote
attacker to cause a denial-of-service via application crash.
CVE-2017-7520
Guido Vranken discovered that openvpn did not properly handle
clients connecting to an HTTP proxy with NTLMv2
authentication. This would allow a remote attacker to cause a
denial-of-service via application crash, or potentially leak
sensitive information like the user's proxy password.
CVE-2017-7521
Guido Vranken discovered that openvpn did not properly handle
some x509 extensions. This would allow a remote attacker to cause
a denial-of-service via application crash.
For the jessie-backports distribution the problems have been fixed in
version 2.4.0-6+deb9u1~bpo8+1.
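Review bot: Only the CVE-2017-7520 entry says which side is affected (clients connecting to an HTTP proxy with NTLMv2 authentication); the entries for CVE-2017-7479, CVE-2017-7508 and CVE-2017-7521 do not say whether the crash hits the server, the client or both, which is what an administrator needs in order to prioritise the upgrade. Suggest adding the affected role to each entry. Minor: "x509" would read better as "X.509".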