Oval Definition:oval:org.opensuse.security:def:20207041
Revision Date:2022-06-30Version:1
Title:CVE-2020-7041
Description:

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because an X509_check_host negative error code is interpreted as a successful return value.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2020-7041
openSUSE-SU-2020:0301-1
openSUSE-SU-2020:0305-1
Mitre CVE-2020-7041
SUSE CVE-2020-7041
openSUSE-SU-2020:0301-1
openSUSE-SU-2020:0305-1
Platform(s):openSUSE Leap 15.1
openSUSE Tumbleweed
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
SUSE Package Hub for SUSE Linux Enterprise 15 SP1
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • openfortivpn-1.12.0-lp151.2.5 is installed
  • AND openfortivpn is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND openfortivpn-1.17.1-1.1 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 SP1 is installed
  • AND openfortivpn-1.12.0-bp151.3.3.1 is installed
    • BACK