Information on source package openconnect

Available versions

ReleaseVersion
stretch7.08-1+deb9u1
buster8.02-1+deb10u1
bullseye8.10-1
sid8.10-2

Open unimportant issues

BugstretchbusterbullseyesidDescription
CVE-2020-12823vulnerablevulnerablefixedfixedOpenConnect 8.09 has a buffer overflow, causing a denial of service (a ...
CVE-2020-12105vulnerablevulnerablevulnerablevulnerableOpenConnect through 8.08 mishandles negative return values from X509_c ...

Resolved issues

BugDescription
CVE-2019-16239process_http_response in OpenConnect before 8.05 has a Buffer Overflow ...
CVE-2013-7098OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflo ...
CVE-2012-6128Multiple stack-based buffer overflows in http.c in OpenConnect before ...
CVE-2012-3291Heap-based buffer overflow in OpenConnect 3.18 allows remote servers t ...
CVE-2010-3903Unspecified vulnerability in OpenConnect before 2.23 allows remote Any ...
CVE-2010-3902OpenConnect before 2.26 places the webvpn cookie value in the debuggin ...
CVE-2010-3901OpenConnect before 2.25 does not properly validate X.509 certificates, ...
CVE-2009-5009Double free vulnerability in OpenConnect before 1.40 might allow remot ...

Security announcements

DSA / DLADescription
DLA-2212-1openconnect - security update
DSA-4607-1openconnect - security update
DLA-1945-1openconnect - security update
DSA-2623-1openconnect - buffer overflow
DSA-2495-1openconnect - buffer overflow

Search for package or bug name: Reporting problems