stunnel-5.56-5.el8

エラータID: AXSA:2021-1521:02

Release date: 
Tuesday, February 23, 2021 - 04:15
Subject: 
stunnel-5.56-5.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over an encrypted connection (encrypted using SSL or TLS) or to provide an encrypted means of connecting to services that do not natively support encryption.

Security Fix(es):

* stunnel: client certificate not correctly verified when redirect and verifyChain options are used (CVE-2021-20230)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2021-20230
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Solution: 

Update packages.

CVEs: 
CVE-2021-20230
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Additional Info: 

N/A

Download: 

SRPMS
  1. stunnel-5.56-5.el8.src.rpm
    MD5: bf0f67ef43d149e73f52942696c02618
    SHA-256: ff4a0cc8df3fa376a3e2e2dc4ae3c36f89ede57e16421913584597e667d89ce1
    Size: 0.98 MB

Asianux Server 8 for x86_64
  1. stunnel-5.56-5.el8.x86_64.rpm
    MD5: aa8623fabfd5ea42ed5c9a098bfab07f
    SHA-256: c46dd7baf8206adbe767df884b4d678ab621d91162a5076ac484658ebfac7f78
    Size: 162.22 kB