Synopsis
Moderate: Red Hat JBoss Core Services Apache HTTP Server 2429 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat JBoss Core Services Pack Apache Server 2429 packages are now availableRed Hat Product Security has rated this release as having a security impactof Moderate A ...
Synopsis
Moderate: Red Hat JBoss Core Services Apache HTTP Server 2429 RHEL 7 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat JBoss Core Services Pack Apache Server 2429 packages are now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this release as ...
Synopsis
Moderate: Red Hat JBoss Core Services Apache HTTP Server 2429 RHEL 6 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat JBoss Core Services Pack Apache Server 2429 packages are now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this release as h ...
Synopsis
Important: openssl security update
Type/Severity
Security Advisory: Important
Topic
An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Sc ...
USN-3087-1 introduced a regression in OpenSSL ...
Several security issues were fixed in OpenSSL ...
It was discovered that OpenSSL did not always use constant time operations when computing Digital Signature Algorithm (DSA) signatures A local attacker could possibly use this flaw to obtain a private DSA key belonging to another user or service running on the same system (CVE-2016-2178)
It was discovered that the Datagram TLS (DTLS) implementati ...
Multiple out of bounds read flaws were found in the way OpenSSL handled certain TLS/SSL protocol handshake messages A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL ...
In OpenSSL 102 and earlier some missing message length checks can result in OOB reads of up to 2 bytes beyond an allocated buffer There is a theoretical DoS risk but this has not been observed in practice on common platforms
The messages affected are client certificate, client certificate request and server certificate As a result the attack c ...
On September 22, 2016, the OpenSSL Software Foundation released an advisory that describes 14 vulnerabilities Of these 14 vulnerabilities, the OpenSSL Software Foundation classifies one as “Critical Severity,” one as “Moderate Severity,” and the other 12 as “Low Severity”
Subsequently, on September 26, the OpenSSL Software Foundatio ...
Nessus is potentially impacted by several vulnerabilities in OpenSSL (20160926) that were recently disclosed and fixed Note that due to the time involved in doing a full analysis of each issue, Tenable has opted to upgrade the included version of OpenSSL as a precaution, and to save time These vulnerabilities may impact Nessus and include:
CVE-2 ...
LCE 481 is possibly impacted by multiple vulnerabilities reported in third-party libraries Tenable has not investigated each one to determine if it is exploitable or the vulnerable code path can be reached Instead, Dev has upgraded the impacted libraries as a faster and safer alternative Due to the number of library upgrades and the potential ...
Tenable's Passive Vulnerability Scanner (PVS) uses third-party libraries to provide certain standardized functionality Four of these libraries were found to contain vulnerabilities and were fixed upstream Those fixes have been integrated despite there being no known exploitation scenarios related to PVS
OpenSSL ssl/statem/statemc read_state_ma ...
Vulmon