Security update for strongswan
Announcement ID: | SUSE-SU-2012:0686-1 |
Rating: | moderate |
References: | #761325 |
Affected Products: |
An update that fixes one vulnerability is now available. It includes one version update.
Description:
This update fixed a security issue in strongswan's "gmp"
plugin which could be exploited by attackers to forge RSA
signature/certificate to authenticate as any legitimate
user (CVE-2012-2388
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP2:
zypper in -t patch slessp1-strongswan-6333
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-strongswan-6333
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-strongswan-6333
- SUSE Linux Enterprise Desktop 11 SP2:
zypper in -t patch sledsp1-strongswan-6333
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-strongswan-6333
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.4.0]:
- strongswan-4.4.0-6.13.1
- strongswan-doc-4.4.0-6.13.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 4.4.0]:
- strongswan-4.4.0-6.13.1
- strongswan-doc-4.4.0-6.13.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.4.0]:
- strongswan-4.4.0-6.13.1
- strongswan-doc-4.4.0-6.13.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
- strongswan-4.4.0-6.9.1
- strongswan-doc-4.4.0-6.9.1
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 4.4.0]:
- strongswan-4.4.0-6.13.1
- strongswan-doc-4.4.0-6.13.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 4.4.0]:
- strongswan-4.4.0-6.13.1
- strongswan-doc-4.4.0-6.13.1