Linbit Csync2 vulnerabilities

CVE-2019-15523 [MEDIUM] CWE-252 CVE-2019-15523: An issue was discovered in LINBIT csync2 through 2.0. It does not correctly check for the return val An issue was discovered in LINBIT csync2 through 2.0. It does not correctly check for the return value GNUTLS_E_WARNING_ALERT_RECEIVED of the gnutls_handshake() function. It neglects to call this function again, as required by the design of the API.

CVE-2019-15522 [CRITICAL] CVE-2019-15522: An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to f An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to force a failure of a hello command when the configuration requires use of SSL.