|| ||Mageia Updates <firstname.lastname@example.org> |
|| ||email@example.com |
|| ||[updates-announce] MGASA-2013-0060: openconnect-3.15-2.2.mga2
|| ||Thu, 21 Feb 2013 22:02:11 +0100|
|| ||Article, Thread
Date: February 21st, 2013
Affected releases: 2
Updated openconnect packages fix security vulnerability:
A stack-based buffer overflow flaw was found in the way OpenConnect, a
client for Cisco's "AnyConnect" VPN, performed processing of certain
host names, paths, or cookie lists, received from the VPN gateway.
A remote VPN gateway could provide a specially-crafted host name, path
or cookie list that, when processed by the openconnect client would lead
to openconnect executable crash (CVE-2012-6128).
to post comments)