Oval Definition:oval:org.opensuse.security:def:60666
Revision Date:2020-12-01Version:1
Title:Security update for strongswan (Important)
Description:

This update for strongswan provides the following fixes: Security issues fixed:

- CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker with local user credentials to resource exhaustion and denial of service while reading from the socket (bsc#1094462). - CVE-2018-10811: Fixed a denial of service during the IKEv2 key derivation if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF (bsc#1093536). - CVE-2018-16151,CVE-2018-16152: Fixed multiple flaws in the gmp plugin which might lead to authorization bypass (bsc#1107874). - CVE-2018-17540: Fixed an improper input validation in gmp plugin (bsc#1109845).

Other issues addressed:

- Fixed some client fails when the scep server URL is used with HTTPS protocol (bsc#1071853). - Reject Diffie-Hellman key exchanges using primes smaller than 1024 bit. - Handle unexpected informational message from SonicWall. (bsc#1009254)
Family:unixClass:patch
Status:Reference(s):1002734
1009254
1019074
1041447
1041470
1050896
1064455
1071853
1076366
1082858
1090766
1092100
1093536
1094462
1096985
1097410
1101410
1101412
1101654
1103040
1106515
1107874
1109845
1115960
1116846
1118900
1120657
1125893
1126088
1129180
1131863
1132593
1132666
1134156
1136035
1136085
1140359
1141121
1141676
1141780
1141782
1141783
1141785
1141789
1143215
1145796
1146578
1146882
1146884
1147021
1148158
1148383
1150895
1155419
1159723
1159729
1160471
1163985
1164825
1168404
1168407
1169066
1170441
1171928
1172524
1173144
1174628
917802
CVE-2015-3448
CVE-2016-10127
CVE-2017-6318
CVE-2017-9263
CVE-2017-9265
CVE-2018-0360
CVE-2018-0361
CVE-2018-0495
CVE-2018-1000085
CVE-2018-10811
CVE-2018-1122
CVE-2018-1123
CVE-2018-1124
CVE-2018-1125
CVE-2018-1126
CVE-2018-14679
CVE-2018-15727
CVE-2018-16151
CVE-2018-16152
CVE-2018-17540
CVE-2018-19039
CVE-2018-2579
CVE-2018-2582
CVE-2018-2588
CVE-2018-2599
CVE-2018-2602
CVE-2018-2603
CVE-2018-2618
CVE-2018-2629
CVE-2018-2633
CVE-2018-2634
CVE-2018-2637
CVE-2018-2641
CVE-2018-2663
CVE-2018-2677
CVE-2018-2678
CVE-2018-5388
CVE-2018-558213
CVE-2019-0221
CVE-2019-11771
CVE-2019-11775
CVE-2019-12418
CVE-2019-12973
CVE-2019-13611
CVE-2019-14811
CVE-2019-14812
CVE-2019-14813
CVE-2019-14817
CVE-2019-15043
CVE-2019-15681
CVE-2019-15690
CVE-2019-17563
CVE-2019-17569
CVE-2019-20788
CVE-2019-2614
CVE-2019-2627
CVE-2019-2628
CVE-2019-2762
CVE-2019-2766
CVE-2019-2769
CVE-2019-2816
CVE-2019-3835
CVE-2019-3839
CVE-2019-4473
CVE-2019-5477
CVE-2019-7317
CVE-2020-12861
CVE-2020-12862
CVE-2020-12863
CVE-2020-12864
CVE-2020-12865
CVE-2020-12866
CVE-2020-12867
CVE-2020-14344
CVE-2020-1720
CVE-2020-1927
CVE-2020-1934
CVE-2020-1938
CVE-2020-8163
CVE-2020-9484
SUSE-SU-2017:2212-1
SUSE-SU-2018:0663-1
SUSE-SU-2019:2336-1
SUSE-SU-2019:2478-1
SUSE-SU-2019:2867-1
SUSE-SU-2019:3266-1
SUSE-SU-2020:0586-1
SUSE-SU-2020:1272-1
SUSE-SU-2020:1498-1
SUSE-SU-2020:2140-1
SUSE-SU-2020:2196-1
SUSE-SU-2020:3125-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • apache-pdfbox-1.8.12-lp150.4.3 is installed
  • OR apache-pdfbox-javadoc-1.8.12-lp150.4.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • docker-18.09.6_ce-lp151.2.6 is installed
  • OR docker-bash-completion-18.09.6_ce-lp151.2.6 is installed
  • OR docker-test-18.09.6_ce-lp151.2.6 is installed
  • OR docker-zsh-completion-18.09.6_ce-lp151.2.6 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND firejail-0.9.62-lp152.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND openvswitch-2.7.0-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • LibVNCServer-0.9.9-17.19 is installed
  • OR libvncclient0-0.9.9-17.19 is installed
  • OR libvncserver0-0.9.9-17.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • ghostscript-9.27-23.28 is installed
  • OR ghostscript-x11-9.27-23.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND clamav-0.100.1-33.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • bluez-5.13-5.4 is installed
  • OR libbluetooth3-5.13-5.4 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • strongswan-5.1.3-26.13 is installed
  • OR strongswan-doc-5.1.3-26.13 is installed
  • OR strongswan-hmac-5.1.3-26.13 is installed
  • OR strongswan-ipsec-5.1.3-26.13 is installed
  • OR strongswan-libs0-5.1.3-26.13 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • mariadb-10.2.29-3.22 is installed
  • OR mariadb-galera-10.2.29-3.22 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • crowbar-core-5.0+git.1569597589.1f025c557-3.32 is installed
  • OR crowbar-core-branding-upstream-5.0+git.1569597589.1f025c557-3.32 is installed
  • OR crowbar-ha-5.0+git.1567673535.607aada-3.26 is installed
  • OR crowbar-openstack-5.0+git.1570141351.058c8bd44-4.31 is installed
  • OR crowbar-ui-1.2.0+git.1568396400.0344a727-3.12 is installed
  • OR galera-3-25.3.25-4.6 is installed
  • OR galera-3-wsrep-provider-25.3.25-4.6 is installed
  • OR grafana-4.6.5-4.6 is installed
  • OR libmariadb3-3.1.2-3.12 is installed
  • OR mariadb-10.2.25-4.14 is installed
  • OR mariadb-client-10.2.25-4.14 is installed
  • OR mariadb-connector-c-3.1.2-3.12 is installed
  • OR mariadb-errormessages-10.2.25-4.14 is installed
  • OR mariadb-galera-10.2.25-4.14 is installed
  • OR mariadb-tools-10.2.25-4.14 is installed
  • OR novnc-1.0.0-3.6 is installed
  • OR openstack-cinder-11.2.3~dev16-3.21 is installed
  • OR openstack-cinder-api-11.2.3~dev16-3.21 is installed
  • OR openstack-cinder-backup-11.2.3~dev16-3.21 is installed
  • OR openstack-cinder-doc-11.2.3~dev16-3.21 is installed
  • OR openstack-cinder-scheduler-11.2.3~dev16-3.21 is installed
  • OR openstack-cinder-volume-11.2.3~dev16-3.21 is installed
  • OR openstack-glance-15.0.3~dev3-3.12 is installed
  • OR openstack-glance-api-15.0.3~dev3-3.12 is installed
  • OR openstack-glance-doc-15.0.3~dev3-3.12 is installed
  • OR openstack-glance-registry-15.0.3~dev3-3.12 is installed
  • OR openstack-heat-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-api-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-api-cfn-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-api-cloudwatch-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-doc-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-engine-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-plugin-heat_docker-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-test-9.0.8~dev13-3.24 is installed
  • OR openstack-horizon-plugin-neutron-vpnaas-ui-1.0.1~dev3-3.6 is installed
  • OR openstack-keystone-12.0.4~dev4-5.27 is installed
  • OR openstack-keystone-doc-12.0.4~dev4-5.27 is installed
  • OR openstack-monasca-installer-20190923_16.32-3.9 is installed
  • OR openstack-neutron-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-dhcp-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-doc-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-gbp-7.3.1~dev56-3.9 is installed
  • OR openstack-neutron-ha-tool-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-l3-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-lbaas-11.0.4~dev6-3.15 is installed
  • OR openstack-neutron-lbaas-agent-11.0.4~dev6-3.15 is installed
  • OR openstack-neutron-lbaas-doc-11.0.4~dev6-3.15 is installed
  • OR openstack-neutron-linuxbridge-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-macvtap-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-metadata-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-metering-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-openvswitch-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-server-11.0.9~dev51-3.24 is installed
  • OR openstack-nova-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-api-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-cells-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-compute-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-conductor-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-console-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-consoleauth-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-doc-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-novncproxy-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-placement-api-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-scheduler-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-serialproxy-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-vncproxy-16.1.9~dev7-3.29 is installed
  • OR python-amqp-2.2.2-3.6 is installed
  • OR python-cinder-11.2.3~dev16-3.21 is installed
  • OR python-glance-15.0.3~dev3-3.12 is installed
  • OR python-heat-9.0.8~dev13-3.24 is installed
  • OR python-horizon-plugin-neutron-vpnaas-ui-1.0.1~dev3-3.6 is installed
  • OR python-keystone-12.0.4~dev4-5.27 is installed
  • OR python-neutron-11.0.9~dev51-3.24 is installed
  • OR python-neutron-gbp-7.3.1~dev56-3.9 is installed
  • OR python-neutron-lbaas-11.0.4~dev6-3.15 is installed
  • OR python-nova-16.1.9~dev7-3.29 is installed
  • OR python-ovs-2.7.2-3.6 is installed
  • OR python-pysaml2-4.0.2-5.3 is installed
  • OR python-urllib3-1.22-5.9 is installed
  • OR release-notes-suse-openstack-cloud-8.20190911-3.20 is installed
  • OR ruby2.1-rubygem-easy_diff-1.0.0-3.4 is installed
  • OR rubygem-easy_diff-1.0.0-3.4 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • dovecot22-2.2.31-19.22 is installed
  • OR dovecot22-backend-mysql-2.2.31-19.22 is installed
  • OR dovecot22-backend-pgsql-2.2.31-19.22 is installed
  • OR dovecot22-backend-sqlite-2.2.31-19.22 is installed
    • BACK