Debian DSA-4607-1 : openconnect - security update
Lukas Kupczyk reported a vulnerability in the handling of chunked HTTP in openconnect, an open client for Cisco AnyConnect, Pulse and GlobalProtect VPN. A malicious HTTP server after having accepted its identity certificate, can provide bogus chunk lengths for chunked HTTP encoding and cause a...