SUSE-SU-2012:0686-1

Security update for strongswan

SUSE Security Update: Security update for strongswan
Announcement ID: SUSE-SU-2012:0686-1
Rating: moderate
References: #761325
Affected Products:
  • SUSE Linux Enterprise Server 11 SP2
  • SUSE Linux Enterprise Server 11 SP1 for VMware
  • SUSE Linux Enterprise Server 11 SP1
  • SUSE Linux Enterprise Server 10 SP4
  • SUSE Linux Enterprise Desktop 11 SP2
  • SUSE Linux Enterprise Desktop 11 SP1
    		•

    An update that fixes one vulnerability is now available. It includes one version update.

    Description:


    This update fixed a security issue in strongswan's "gmp"
    plugin which could be exploited by attackers to forge RSA
    signature/certificate to authenticate as any legitimate
    user (CVE-2012-2388
    > ).

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Server 11 SP2:
      zypper in -t patch slessp1-strongswan-6333
    • SUSE Linux Enterprise Server 11 SP1 for VMware:
      zypper in -t patch slessp1-strongswan-6333
    • SUSE Linux Enterprise Server 11 SP1:
      zypper in -t patch slessp1-strongswan-6333
    • SUSE Linux Enterprise Desktop 11 SP2:
      zypper in -t patch sledsp1-strongswan-6333
    • SUSE Linux Enterprise Desktop 11 SP1:
      zypper in -t patch sledsp1-strongswan-6333

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.4.0]:
    • strongswan-4.4.0-6.13.1
    • strongswan-doc-4.4.0-6.13.1
    • SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 4.4.0]:
    • strongswan-4.4.0-6.13.1
    • strongswan-doc-4.4.0-6.13.1
    • SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.4.0]:
    • strongswan-4.4.0-6.13.1
    • strongswan-doc-4.4.0-6.13.1
    • SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
    • strongswan-4.4.0-6.9.1
    • strongswan-doc-4.4.0-6.9.1
    • SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 4.4.0]:
    • strongswan-4.4.0-6.13.1
    • strongswan-doc-4.4.0-6.13.1
    • SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 4.4.0]:
    • strongswan-4.4.0-6.13.1
    • strongswan-doc-4.4.0-6.13.1

    References:

  • http://support.novell.com/security/cve/CVE-2012-2388.html
  • https://bugzilla.novell.com/761325
  • http://download.suse.com/patch/finder/?keywords=6182785f4415eddda64fc010041fd1e1
  • http://download.suse.com/patch/finder/?keywords=b4b9e72b6ba8e6ab546311ccb9332c19
    • Back

    IT Modernization


    SAP Solutions


    AI and Analytics


    Hybrid Cloud Solutions


    Nonstop IT


    Exit Federal Government

    Back

    Business-Critical Linux

    Enterprise Container Management

    Edge

    All Products
    Back

    Solutions

    Hybrid Cloud IT
    Business-critical Linux

    Run & secure cloud and on-prem workloads
    Run SAP
    Run SAP

    Deliver mission-critical SAP solutions
    Enterprise Container Management
    Enterprise Container Management

    Orchestrate cloud-native apps
    IT Operations at the Edge
    Edge

    Deploy intelligent devices to the edge
    Public Cloud
    SUSE for Public Cloud

    Accelerate innovation across your clouds
    Security
    Security

    Secure your digital enterprise

    Industries

    Back

    Support

    Product Support
    Premium Support Services

    Dedicated support services from a premium team


    Long Term Service Support

    Stay on your existing product version


    Expanded Support

    Support for common Linux platforms


    Renew Your Support Subscription

    Services

    Consulting Services
    Training & Certification
    Premium Technical Advisory Services

    Resources

    SUSE Support User Guide
    Patches & Updates
    Product Documentation
    Knowledgebase
    SUSE Customer Center
    Product Support Life Cycle
    Licensing
    Package Hub

    Community packages for SUSE Linux Enterprise Server


    Driver Search
    Support Forums
    Developer Services
    Beta Program
    Security
    Back

    Partners

    Partner Program


    Find a Partner


    Become a Partner


    Login to the SUSE Partner Portal

    Back

    Communities

    SUSE & Rancher Community

    Blog


    Forum


    Academic


    Open Source Projects


    openSUSE.org



    SUSE Česká republika


    SUSE Israel


    SUSE Magyarország


    SUSE Polska

    Back

    About

    About Us


    Leadership


    Careers


    Newsroom


    Success Stories


    Investor Relations


    Social Impact


    SUSE Logo and Brand


    Events & Webinars


    Merchandise Store


    Communications Preferences

    2020-03-20