Information on source package openconnect

Available versions

ReleaseVersion
jessie6.00-2
jessie (security)6.00-2+deb8u1
stretch7.08-1
buster8.02-1
bullseye8.02-1
sid8.02-1

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2019-16239fixedvulnerablevulnerablevulnerablevulnerableprocess_http_response in OpenConnect before 8.05 has a Buffer Overflow ...

Resolved issues

BugDescription
CVE-2012-6128Multiple stack-based buffer overflows in http.c in OpenConnect before ...
CVE-2012-3291Heap-based buffer overflow in OpenConnect 3.18 allows remote servers t ...
CVE-2010-3903Unspecified vulnerability in OpenConnect before 2.23 allows remote Any ...
CVE-2010-3902OpenConnect before 2.26 places the webvpn cookie value in the debuggin ...
CVE-2010-3901OpenConnect before 2.25 does not properly validate X.509 certificates, ...
CVE-2009-5009Double free vulnerability in OpenConnect before 1.40 might allow remot ...

Security announcements

DSA / DLADescription
DLA-1945-1openconnect - security update
DSA-2623-1openconnect - buffer overflow
DSA-2495-1openconnect - buffer overflow

Search for package or bug name: Reporting problems