CLSA-2023-1689701258

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1689701258.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2023-1689701258
Upstream
Published
2023-07-18T17:27:43Z
Modified
2026-06-04T09:47:05.771764408Z
Summary
Fix CVE(s): CVE-2021-20230
Details
  • SECURITY UPDATE: Attacker bypasses redirection using unauthorized CA-signed certificate.
    • debian/patches/CVE-2021-20230.patch: Patch enhancing certificate verification process to prevent unauthorized redirection with CA-signed certificates by refining session data checks.
    • CVE-2021-20230
  • Fix tests:
    • debian/patches/renew-cert-script.patch: Add script that re-generate expired test certs.
  • Repacked orig source tarball with renewed certs.
  • Removed no longer required patch, that mute tests with expired certificates.
References

Affected packages

TuxCare:Ubuntu:18.04 / stunnel4

Package

Name
stunnel4
Purl
pkg:deb/tuxcare/stunnel4?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3:5.44-1ubuntu3+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1689701258.json"