Oval Definition:oval:org.opensuse.security:def:58210
Revision Date:2020-12-01Version:1
Title:Security update for strongswan (Important)
Description:

This update for strongswan provides the following fixes: Security issues fixed:

- CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker with local user credentials to resource exhaustion and denial of service while reading from the socket (bsc#1094462). - CVE-2018-10811: Fixed a denial of service during the IKEv2 key derivation if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF (bsc#1093536). - CVE-2018-16151,CVE-2018-16152: Fixed multiple flaws in the gmp plugin which might lead to authorization bypass (bsc#1107874). - CVE-2018-17540: Fixed an improper input validation in gmp plugin (bsc#1109845).

Other issues addressed:

- Fixed some client fails when the scep server URL is used with HTTPS protocol (bsc#1071853). - Reject Diffie-Hellman key exchanges using primes smaller than 1024 bit. - Handle unexpected informational message from SonicWall. (bsc#1009254)
Family:unixClass:patch
Status:Reference(s):1005522
1005523
1005524
1005525
1005526
1005527
1005528
1009254
1021578
1027038
1027353
1053431
1071853
1081164
1081294
1085449
1093311
1093536
1094462
1102682
1102775
1107874
1109845
1111122
1111634
1111635
1116574
1117080
1122293
1122299
1149496
1159478
1159479
1159482
1159486
1160048
1167373
1173304
1174662
CVE-2016-2183
CVE-2016-5542
CVE-2016-5554
CVE-2016-5556
CVE-2016-5568
CVE-2016-5573
CVE-2016-5582
CVE-2016-5597
CVE-2017-10053
CVE-2017-10067
CVE-2017-10074
CVE-2017-10081
CVE-2017-10087
CVE-2017-10089
CVE-2017-10090
CVE-2017-10096
CVE-2017-10101
CVE-2017-10102
CVE-2017-10105
CVE-2017-10107
CVE-2017-10108
CVE-2017-10109
CVE-2017-10110
CVE-2017-10111
CVE-2017-10115
CVE-2017-10116
CVE-2017-10125
CVE-2017-10243
CVE-2018-1000807
CVE-2018-1000808
CVE-2018-10811
CVE-2018-11212
CVE-2018-13785
CVE-2018-1417
CVE-2018-16151
CVE-2018-16152
CVE-2018-17540
CVE-2018-17954
CVE-2018-18065
CVE-2018-2783
CVE-2018-2790
CVE-2018-2794
CVE-2018-2795
CVE-2018-2796
CVE-2018-2797
CVE-2018-2798
CVE-2018-2799
CVE-2018-2800
CVE-2018-2814
CVE-2018-2825
CVE-2018-2826
CVE-2018-3136
CVE-2018-3139
CVE-2018-3149
CVE-2018-3169
CVE-2018-3180
CVE-2018-3183
CVE-2018-3214
CVE-2018-5388
CVE-2018-5390
CVE-2018-7169
CVE-2019-16770
CVE-2019-18388
CVE-2019-18389
CVE-2019-18390
CVE-2019-18391
CVE-2019-18860
CVE-2019-2422
CVE-2019-5482
CVE-2020-14059
CVE-2020-9862
CVE-2020-9893
CVE-2020-9894
CVE-2020-9895
CVE-2020-9915
CVE-2020-9925
SUSE-SU-2016:2953-1
SUSE-SU-2017:0720-1
SUSE-SU-2017:2280-1
SUSE-SU-2018:0662-1
SUSE-SU-2018:1738-2
SUSE-SU-2019:0604-1
SUSE-SU-2019:0955-1
SUSE-SU-2019:2339-2
SUSE-SU-2019:3266-1
SUSE-SU-2020:0016-1
SUSE-SU-2020:0311-1
SUSE-SU-2020:1803-1
SUSE-SU-2020:2232-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • sddm-0.17.0-lp150.8 is installed
  • OR sddm-branding-openSUSE-0.17.0-lp150.8 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • gvim-8.0.1568-lp151.5.3 is installed
  • OR vim-8.0.1568-lp151.5.3 is installed
  • OR vim-data-8.0.1568-lp151.5.3 is installed
  • OR vim-data-common-8.0.1568-lp151.5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.121-36 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.121-36 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.121-36 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.121-36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libsnmp30-5.7.3-6.3 is installed
  • OR libsnmp30-32bit-5.7.3-6.3 is installed
  • OR net-snmp-5.7.3-6.3 is installed
  • OR perl-SNMP-5.7.3-6.3 is installed
  • OR snmp-mibs-5.7.3-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • curl-7.37.0-37.43 is installed
  • OR libcurl4-7.37.0-37.43 is installed
  • OR libcurl4-32bit-7.37.0-37.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND iputils-s20121221-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.252-27.45 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.252-27.45 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.252-27.45 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.252-27.45 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND ucode-intel-20191112a-13.56 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • ghostscript-9.27-23.28 is installed
  • OR ghostscript-x11-9.27-23.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • xen-4.9.4_06-3.59 is installed
  • OR xen-doc-html-4.9.4_06-3.59 is installed
  • OR xen-libs-4.9.4_06-3.59 is installed
  • OR xen-libs-32bit-4.9.4_06-3.59 is installed
  • OR xen-tools-4.9.4_06-3.59 is installed
  • OR xen-tools-domU-4.9.4_06-3.59 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • gv-3.7.4-1 is installed
  • OR wdiff-1.2.1-3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • strongswan-5.1.3-26.13 is installed
  • OR strongswan-doc-5.1.3-26.13 is installed
  • OR strongswan-hmac-5.1.3-26.13 is installed
  • OR strongswan-ipsec-5.1.3-26.13 is installed
  • OR strongswan-libs0-5.1.3-26.13 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND cobbler-2.6.6-49.9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.9 is installed
  • OR libssh2-1-32bit-1.4.3-20.9 is installed
  • OR libssh2_org-1.4.3-20.9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND golang-github-prometheus-node_exporter-0.18.1-1.6 is installed
    • BACK