OS: Ubuntu 18.04 ELS
Public date: 2023-07-18 13:27:40
* SECURITY UPDATE: Attacker bypasses redirection using unauthorized CA-signed certificate. - debian/patches/CVE-2021-20230.patch: Patch enhancing certificate verification process to prevent unauthorized redirection with CA-signed certificates by refining session data checks. - CVE-2021-20230 * Fix tests: - debian/patches/renew-cert-script.patch: Add script that re-generate expired test certs. * Repacked orig source tarball with renewed certs. * Removed no longer required patch, that mute tests with expired certificates.
Update command: apt-get update apt-get --only-upgrade install stunnel*