Synopsis
Moderate: Red Hat JBoss Core Services Apache HTTP Server 2429 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat JBoss Core Services Pack Apache Server 2429 packages are now availableRed Hat Product Security has rated this release as having a security impactof Moderate A ...
Synopsis
Moderate: Red Hat JBoss Core Services Apache HTTP Server 2429 RHEL 7 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat JBoss Core Services Pack Apache Server 2429 packages are now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this release as ...
Synopsis
Moderate: Red Hat JBoss Core Services Apache HTTP Server 2429 RHEL 6 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat JBoss Core Services Pack Apache Server 2429 packages are now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this release as h ...
Synopsis
Important: openssl security update
Type/Severity
Security Advisory: Important
Topic
An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Sc ...
USN-3087-1 introduced a regression in OpenSSL ...
Several security issues were fixed in OpenSSL ...
It was discovered that OpenSSL did not always use constant time operations when computing Digital Signature Algorithm (DSA) signatures A local attacker could possibly use this flaw to obtain a private DSA key belonging to another user or service running on the same system (CVE-2016-2178)
It was discovered that the Datagram TLS (DTLS) implementati ...
An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function An attacker able to make an application using OpenSSL to process a large BIGNUM could cause the application to crash or, possibly, execute arbitrary code ...
The function BN_bn2dec() does not check the return value of BN_div_word() This can cause an OOB write if an application uses this function with an overly large BIGNUM This could be a problem if an overly large certificate or CRL is printed out from an untrusted source TLS is not affected because record limits will reject an oversized certificate ...
On September 22, 2016, the OpenSSL Software Foundation released an advisory that describes 14 vulnerabilities Of these 14 vulnerabilities, the OpenSSL Software Foundation classifies one as “Critical Severity,” one as “Moderate Severity,” and the other 12 as “Low Severity”
Subsequently, on September 26, the OpenSSL Software Foundatio ...
Nessus is potentially impacted by several vulnerabilities in OpenSSL (20160926) that were recently disclosed and fixed Note that due to the time involved in doing a full analysis of each issue, Tenable has opted to upgrade the included version of OpenSSL as a precaution, and to save time These vulnerabilities may impact Nessus and include:
CVE-2 ...
LCE 481 is possibly impacted by multiple vulnerabilities reported in third-party libraries Tenable has not investigated each one to determine if it is exploitable or the vulnerable code path can be reached Instead, Dev has upgraded the impacted libraries as a faster and safer alternative Due to the number of library upgrades and the potential ...
Tenable's Passive Vulnerability Scanner (PVS) uses third-party libraries to provide certain standardized functionality Four of these libraries were found to contain vulnerabilities and were fixed upstream Those fixes have been integrated despite there being no known exploitation scenarios related to PVS
OpenSSL ssl/statem/statemc read_state_ma ...
Vulmon