Security update for openvpn

SUSE Security Update: Security update for openvpn
Announcement ID: SUSE-SU-2018:1888-1
Rating: moderate
References: #1090839
Affected Products:
  • SUSE Linux Enterprise Module for Basesystem 15

  • An update that fixes one vulnerability is now available.

    Description:

    This update for openvpn fixes the following issues:

    - CVE-2018-9336: Fix potential double-free() in Interactive Service could
    lead to denial of service (bsc#1090839).

    Patch Instructions:

    To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Module for Basesystem 15:
      zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-1284=1

    Package List:

    • SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64):
      • openvpn-2.4.3-5.3.19
      • openvpn-auth-pam-plugin-2.4.3-5.3.19
      • openvpn-auth-pam-plugin-debuginfo-2.4.3-5.3.19
      • openvpn-debuginfo-2.4.3-5.3.19
      • openvpn-debugsource-2.4.3-5.3.19
      • openvpn-devel-2.4.3-5.3.19

    References: