stunnel-4.29-3.AXS4
エラータID: AXSA:2013-374:01
Release date:
Thursday, April 11, 2013 - 11:38
Subject:
stunnel-4.29-3.AXS4
Affected Channels:
Asianux Server 4 for x86
Asianux Server 4 for x86_64
Severity:
High
Description:
Stunnel is a socket wrapper which can provide SSL (Secure Sockets Layer) support to ordinary applications. For example, it can be used in conjunction with imapd to create an SSL secure IMAP server.
Security issues fixed with this release:
• CVE-2013-1762
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.
Solution:
Update packages.
CVEs:
CVE-2013-1762
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.
Additional Info:
N/A
Download:
SRPMS
- stunnel-4.29-3.AXS4.src.rpm
MD5: fe13d1fb41b017b01cce0796e2fea84f
SHA-256: 7d3a2334922cbe2019cab5cd7102263be7dc5dc1c2cc75947046665b6a0712d0
Size: 548.86 kB
Asianux Server 4 for x86
- stunnel-4.29-3.AXS4.i686.rpm
MD5: fcd2a365d4ddaf745b617d373cbc6f91
SHA-256: 17e820bc683fecfa76c58b4ffcc4cdee843d4fb01f3fcc3e63a891bb5f529f5f
Size: 121.00 kB
Asianux Server 4 for x86_64
- stunnel-4.29-3.AXS4.x86_64.rpm
MD5: c273c5de14af9ab02d46ba079ff061e1
SHA-256: 73b2e0a451fe4ab811a586ff31f0c700cd17fbb9b833196efd0a4c910a48da3a
Size: 119.98 kB
日本語