Name : openconnect Product : Fedora 17 Version : 4.08 Release : 1.fc17 URL : http://www.infradead.org/openconnect.html Summary : Open client for Cisco AnyConnect VPN Description : This package provides a client for Cisco's "AnyConnect" VPN, which uses HTTPS and DTLS protocols.
This update fixes a potential buffer overflow in HTTP request generation, which could be triggered by a malicious server generating a large number of cookies or redirecting to a large path or hostname. ------------------------------------------------------------------------------- - ChangeLog:
* Wed Feb 13 2013 David Woodhouse <David.Woodhouse@intel.com> - 4.08-1 - Update to 4.08 release (#910331 CVE-2012-6128) * Fri Aug 31 2012 David Woodhouse <David.Woodhouse@intel.com> - 4.07-2 - Obsolete openconnect-lib-compat (#842840) * Fri Aug 31 2012 David Woodhouse <David.Woodhouse@intel.com> - 4.07-1 - Update to 4.07 release (Fix #845636 CSTP write stall handling) * Mon Jul 23 2012 David Woodhouse <David.Woodhouse@intel.com> - 4.06-1 - Update to 4.06 release * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.05-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jul 12 2012 David Woodhouse <David.Woodhouse@intel.com> - 4.05-1 - Update to 4.05 release (PKCS#11 fixes) * Thu Jul 5 2012 David Woodhouse <David.Woodhouse@intel.com> - 4.04-1 - Update to 4.04 release (Fix PKCS#8 password handling) * Mon Jul 2 2012 David Woodhouse <David.Woodhouse@intel.com> - 4.03-1 - Update to 4.03 release (#836558) * Wed Jun 27 2012 David Woodhouse <David.Woodhouse@intel.com> - 4.02-1 - Update to 4.02 release * Wed Jun 27 2012 David Woodhouse <David.Woodhouse@intel.com> - 4.01-1 - Update to 4.01 release * Thu Jun 21 2012 David Woodhouse <David.Woodhouse@intel.com> - 4.00-3 - Remove zlib from openconnect.pc dependencies * Thu Jun 21 2012 David Woodhouse <David.Woodhouse@intel.com> - 4.00-2 - Fix dependencies for RHEL[56] * Wed Jun 20 2012 David Woodhouse <David.Woodhouse@intel.com> - 4.00-1 - Update to 4.00 release * Wed Jun 20 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-8 - Add support for building on RHEL[56] * Wed Jun 20 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-7 - Add OpenSSL encrypted PEM file support for GnuTLS * Mon Jun 18 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-6 - Fix crash on cleanup when no client certificate is set (#833141) * Sat Jun 16 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-5 - Enable building compatibility libopenconnect.so.1 * Thu Jun 14 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-4 - Last patch needs autoreconf * Thu Jun 14 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-3 - Fix library not to reference OpenSSL symbols when linked against GnuTLS 2 * Thu Jun 14 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-2 - Fix GnuTLS BuildRequires * Thu Jun 14 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.99-1 - Update to OpenConnect v3.99, use GnuTLS (enables PKCS#11 support) * Sat May 19 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.20-2 - openconnect-devel package should require precisely matching openconnect * Fri May 18 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.20-1 - Update to 3.20. * Thu May 17 2012 David Woodhouse <David.Woodhouse@intel.com> - 3.19-1 - Update to 3.19. ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #910330 - CVE-2012-6128 openconnect: Stack-based buffer overflow when processing certain host names, paths, or cookie lists https://bugzilla.redhat.com/show_bug.cgi?id=910330 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update openconnect' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.