An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because an X509checkhost negative error code is interpreted as a successful return value.
{ "ubuntu_priority": "low" }
{ "ubuntu_priority": "low", "binaries": [ { "binary_name": "openfortivpn", "binary_version": "1.12.0-1" }, { "binary_name": "openfortivpn-dbgsym", "binary_version": "1.12.0-1" } ], "availability": "No subscription required" }