Advisories » MGASA-2020-0005

Updated openconnect packages fix security vulnerability

Publication date: 05 Jan 2020
Modification date: 05 Jan 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-16239

Description

Updated openconnect packages fix security vulnerability:

Buffer overflow when a malicious server uses HTTP chunked encoding with
crafted chunk sizes (CVE-2019-16239).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=25803
• https://lists.opensuse.org/opensuse-updates/2019-10/msg00154.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16239

SRPMS

7/core

• openconnect-8.05-1.mga7