Several security issues were fixed in OpenSSL ...
Debian Bug report logs -
#919817
mysql-57: Security fixes from the January 2019 CPU
Package:
src:mysql-57;
Maintainer for src:mysql-57 is Debian MySQL Maintainers <pkg-mysql-maint@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 19 Jan 2019 21:18:01 UTC
Severity: grave
Tag ...
Synopsis
Moderate: openssl security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for openssl is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) ba ...
Synopsis
Low: openssl security, bug fix, and enhancement update
Type/Severity
Security Advisory: Low
Topic
An update for openssl is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) bas ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2437 Security Release on RHEL 6
Type/Severity
Security Advisory: Important
Topic
Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2437 and fix several bugs, and add various enhancements are now available for R ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2437 Security Release on RHEL 7
Type/Severity
Security Advisory: Important
Topic
An update is now available for JBoss Core Services on RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Common ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2437 Security Release
Type/Severity
Security Advisory: Important
Topic
Red Hat JBoss Core Services Pack Apache Server 2437 zip releasefor RHEL 6, RHEL 7 and Microsoft Windows is availableRed Hat Product Security has rated this update as ...
Several local side channel attacks and a denial of service via large
Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets
Layer toolkit
For the stable distribution (stretch), these problems have been fixed in
version 102q-1~deb9u1 Going forward, openssl10 security updates for
stretch will be based on the 102x upstream relea ...
Several local side channel attacks and a denial of service via large
Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets
Layer toolkit
For the stable distribution (stretch), these problems have been fixed in
version 110j-1~deb9u1 Going forward, openssl security updates for
stretch will be based on the 110x upstream releases ...
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack An attacker could use variations in the signing algorithm to recover the private key (CVE-2018-0734) ...
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack An attacker could use variations in the signing algorithm to recover the private key (CVE-2018-0734) ...
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC If the application then beh ...
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack An attacker could use variations in the signing algorithm to recover the private key Fixed in OpenSSL 111a (Affected 111) Fixed in OpenSSL 110j (Affected 110-110i) Fixed in OpenSSL 102q (Affected 102-102p) ...
A timing vulnerability has been found in DSA signature generation in openssl versions up to and including 111, where information is leaked via a side channel when a BN is resized and could lead to private key recovery ...
Nessus leverages third-party software to help provide underlying functionality One third-party component (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers
Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address the potential impact of th ...
Nessus leverages third-party software to help provide underlying functionality One third-party component (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers
Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address the potential impact of th ...