6 matches found
openSUSE Security Update : csync2 (openSUSE-2021-853)
This update for csync2 fixes the following issues : - CVE-2019-15522: Fixed an issue where daemon fails to enforce TLS bsc1147137 - CVE-2019-15523: Fixed an incorrect TLS handshake error handling bsc1147139 This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C...
openSUSE: Security Advisory for csync2 (openSUSE-SU-2021:0853-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2021:0853-1 Security update for csync2
This update for csync2 fixes the following issues: - CVE-2019-15522: Fixed an issue where daemon fails to enforce TLS bsc1147137 - CVE-2019-15523: Fixed an incorrect TLS handshake error handling bsc1147139 This update was imported from the SUSE:SLE-15:Update update project...
Security update for csync2 (moderate)
openSUSE Security Update: Security update for csync2 Announcement ID: openSUSE-SU-2021:0853-1 Rating: moderate References: 1147137 1147139 Cross-References: CVE-2019-15522 CVE-2019-15523 CVSS scores: CVE-2019-15522 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2019-15522 SUSE: 3.5...
SUSE-SU-2021:1858-1 Security update for csync2
This update for csync2 fixes the following issues: - CVE-2019-15522: Fixed an issue where daemon fails to enforce TLS bsc1147137 - CVE-2019-15523: Fixed an incorrect TLS handshake error handling bsc1147139...
CVE-2019-15523
CVE-2019-15523 affects LINBIT csync2 up to version 2.0. The issue stems from not correctly checking the GNUTLS_E_WARNING_ALERT_RECEIVED return value from gnutls_handshake() and failing to call it again as required by the API design, which may lead to improper TLS handling. Publicly documented imp...