Candidate: CVE-2019-15523
PublicDate: 2020-12-30 21:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15523
 https://github.com/LINBIT/csync2/pull/13/commits/92742544a56bcbcd9ec99ca15f898b31797e39e2
Description:
 An issue was discovered in LINBIT csync2 through 2.0. It does not correctly
 check for the return value GNUTLS_E_WARNING_ALERT_RECEIVED of the
 gnutls_handshake() function. It neglects to call this function again, as
 required by the design of the API.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: low
Discovered-by:
Assigned-to: pfsmorigo
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N [5.3 MEDIUM]


Patches_csync2:
upstream_csync2: released (2.0-25-gc0faaf9-1)
precise/esm_csync2: DNE
trusty_csync2: ignored (out of standard support)
trusty/esm_csync2: DNE
xenial_csync2: ignored (end of standard support, was needs-triage)
bionic_csync2: needed
focal_csync2: needed
groovy_csync2: not-affected (2.0-25-gc0faaf9-1)
hirsute_csync2: not-affected
impish_csync2: not-affected
jammy_csync2: not-affected
devel_csync2: not-affected