UbuntuUpdates.org

Package "open-iscsi"

Name: open-iscsi

Description:

iSCSI initiator tools

Latest version: 2.0.874-7.1ubuntu6.4
Release: focal (20.04)
Level: security
Repository: main
Homepage: http://www.open-iscsi.com/

Links


Download "open-iscsi"


Other versions of "open-iscsi" in Focal

Repository Area Version
base main 2.0.874-7.1ubuntu6
security universe 2.0.874-7.1ubuntu6.4
updates main 2.0.874-7.1ubuntu6.4
updates universe 2.0.874-7.1ubuntu6.4

Changelog

Version: 2.0.874-7.1ubuntu6.4 2023-07-27 14:07:00 UTC

  open-iscsi (2.0.874-7.1ubuntu6.4) focal-security; urgency=medium

  * SECURITY UPDATE: Out-of-Bounds
    - debian/patches/CVE-2020-13987.patch: check for header length
      underflow during checksum calculation in iscsiuio/src/uip/uip.c.
    - CVE-2020-13987
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2020-13988.patch: check for u8 overflow when
      processing TCP options.
    - CVE-2020-13988
  * SECURITY UPDATE: Buffer over read
    - debian/patches/CVE-2020-17437.patch: check for TCP urgent
      pointer past end of frame in iscsiuio/src/uip/uip.c.
    - CVE-2020-17437

 -- Leonidas Da Silva Barbosa <email address hidden> Tue, 25 Jul 2023 11:33:19 -0300

Source diff to previous version
CVE-2020-13987 An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the che
CVE-2020-13988 An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 net
CVE-2020-17437 An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configur

Version: 2.0.874-7.1ubuntu6.3 2023-05-15 17:16:30 UTC

  open-iscsi (2.0.874-7.1ubuntu6.3) focal-security; urgency=medium

  * No-change rebuild in -security pocket.

 -- Marc Deslauriers <email address hidden> Sun, 14 May 2023 11:33:49 -0400




About   -   Send Feedback to @ubuntu_updates