Security update for gnugk SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:1856-1 Final 1 1 2016-07-23T11:24:36Z current 2016-07-23T11:24:36Z 2016-07-23T11:24:36Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for gnugk gnugk was updated fix security issues and bugs. The following issues were fixed: - CVE-2012-3534: denial of service via lots of connections (boo#777486) The new version 4.2 of gnuk also fixes a number of bugs and contains other improvements and fixes. The new library h323plus was added to the distribution as a dependency. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2016-07/msg00070.html E-Mail link for openSUSE-SU-2016:1856-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 gnugk-4.2-3.1 h323plus-1.26.5-2.1 h323plus-devel-1.26.5-2.1 libh323-1_26_5-1.26.5-2.1 gnugk-4.2-3.1 as a component of openSUSE Leap 42.1 h323plus-1.26.5-2.1 as a component of openSUSE Leap 42.1 h323plus-devel-1.26.5-2.1 as a component of openSUSE Leap 42.1 libh323-1_26_5-1.26.5-2.1 as a component of openSUSE Leap 42.1 GNU Gatekeeper before 3.1 does not limit the number of connections to the status port, which allows remote attackers to cause a denial of service (connection and thread consumption) via a large number of connections. CVE-2012-3534 openSUSE Leap 42.1:gnugk-4.2-3.1 openSUSE Leap 42.1:h323plus-1.26.5-2.1 openSUSE Leap 42.1:h323plus-devel-1.26.5-2.1 openSUSE Leap 42.1:libh323-1_26_5-1.26.5-2.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-07/msg00070.html https://www.suse.com/security/cve/CVE-2012-3534.html CVE-2012-3534 https://bugzilla.suse.com/777486 SUSE Bug 777486