Oval Definition:	oval:org.opensuse.security:def:20207042
Revision Date: 2022-06-30 Version: 1 Title: CVE-2020-7042 Description: An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because the hostname check operates on uninitialized memory. The outcome is that a valid certificate is never accepted (only a malformed certificate may be accepted). Family: unix Class: vulnerability Status: Reference(s): CVE-2020-7042 openSUSE-SU-2020:0301-1 openSUSE-SU-2020:0305-1 Mitre CVE-2020-7042 SUSE CVE-2020-7042 openSUSE-SU-2020:0301-1 openSUSE-SU-2020:0305-1 Platform(s): openSUSE Leap 15.1 openSUSE Tumbleweed SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Storage 6 SUSE Manager Proxy 4.0 SUSE Manager Server 4.0 SUSE Package Hub for SUSE Linux Enterprise 15 SP1 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information openfortivpn-1.12.0-lp151.2.5 is installed AND openfortivpn is signed with openSUSE key Definition Synopsis openSUSE Tumbleweed is installed AND openfortivpn-1.17.1-1.1 is installed Definition Synopsis SUSE Package Hub for SUSE Linux Enterprise 15 SP1 is installed AND openfortivpn-1.12.0-bp151.3.3.1 is installed
BACK