Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2423 Release on RHEL 6
Type/Severity
Security Advisory: Important
Topic
Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2423 and fix several bugs, and add various enhancements are now available for Red Hat En ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2423 Release on RHEL 7
Type/Severity
Security Advisory: Important
Topic
An update is now available for JBoss Core Services on RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerab ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 6416 natives update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application PlatformRed Hat Product Security has rated this update as having a security impact of Important A Com ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP 2423 Release
Type/Severity
Security Advisory: Important
Topic
Red Hat JBoss Core Services httpd 2423 is now available from the Red Hat Customer Portal for Solaris and Microsoft Windows systemsRed Hat Product Security has rated this release as ...
Synopsis
Important: openssl security update
Type/Severity
Security Advisory: Important
Topic
An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Sc ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 6416 natives update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 64 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 64 for R ...
USN-3087-1 introduced a regression in OpenSSL ...
Several security issues were fixed in OpenSSL ...
Several security issues were fixed in OpenSSL ...
It was discovered that OpenSSL did not always use constant time operations when computing Digital Signature Algorithm (DSA) signatures A local attacker could possibly use this flaw to obtain a private DSA key belonging to another user or service running on the same system (CVE-2016-2178)
It was discovered that the Datagram TLS (DTLS) implementati ...
Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash ...
OpenSSL through 102h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvrc, ssl_sessc, and t1_libc ...
On September 22, 2016, the OpenSSL Software Foundation released an advisory that describes 14 vulnerabilities Of these 14 vulnerabilities, the OpenSSL Software Foundation classifies one as “Critical Severity,” one as “Moderate Severity,” and the other 12 as “Low Severity”
Subsequently, on September 26, the OpenSSL Software Foundatio ...
Nessus is potentially impacted by several vulnerabilities in OpenSSL (20160926) that were recently disclosed and fixed Note that due to the time involved in doing a full analysis of each issue, Tenable has opted to upgrade the included version of OpenSSL as a precaution, and to save time These vulnerabilities may impact Nessus and include:
CVE-2 ...
LCE 481 is possibly impacted by multiple vulnerabilities reported in third-party libraries Tenable has not investigated each one to determine if it is exploitable or the vulnerable code path can be reached Instead, Dev has upgraded the impacted libraries as a faster and safer alternative Due to the number of library upgrades and the potential ...
Tenable's Passive Vulnerability Scanner (PVS) uses third-party libraries to provide certain standardized functionality Four of these libraries were found to contain vulnerabilities and were fixed upstream Those fixes have been integrated despite there being no known exploitation scenarios related to PVS
OpenSSL ssl/statem/statemc read_state_ma ...