UbuntuUpdates.org

Package "openconnect"

Name: openconnect

Description:

open client for Cisco AnyConnect VPN

Latest version: 7.08-3ubuntu0.18.04.2
Release: bionic (18.04)
Level: security
Repository: universe
Homepage: http://www.infradead.org/openconnect/

Links


Download "openconnect"


Other versions of "openconnect" in Bionic

Repository Area Version
base universe 7.08-3
updates universe 7.08-3ubuntu0.18.04.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 7.08-3ubuntu0.18.04.2 2020-10-01 14:06:56 UTC

  openconnect (7.08-3ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Buffer overflow vulnerability
    - d/p/Fix-buffer-overflow-with-chunked-HTTP-handling-CVE-2.patch: Buffer
      overflow with chunked HTTP handling.
    - CVE-2019-16239
  * SECURITY UPDATE: Fix crash when HTTP has timeout
    - d/p/Close-HTTPS-connection-on-failure-returns-from-proce.patch: HTTPS
      connection on failure returns from process_http_response().

 -- Paulo Flabiano Smorigo <email address hidden> Tue, 29 Sep 2020 19:05:41 +0000

CVE-2019-16239 process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.



About   -   Send Feedback to @ubuntu_updates