Debian Bug report logs -
#895844
openssl: CVE-2018-0737: Cache timing vulnerability in RSA Key Generation Source
Package:
src:openssl;
Maintainer for src:openssl is Debian OpenSSL Team <pkg-openssl-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 16 Apr 2018 18:54:01 UTC ...
Synopsis
Critical: Red Hat Ansible Tower 331-2 Release - Container Image
Type/Severity
Security Advisory: Critical
Topic
Security Advisory
Description
Red Hat Ansible Tower 331 is now available and contains the following bug fixes: Fixed event callback error when in-line vaulted variabl ...
Synopsis
Moderate: openssl security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
An update for openssl is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Sy ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2437 Security Release
Type/Severity
Security Advisory: Important
Topic
Red Hat JBoss Core Services Pack Apache Server 2437 zip releasefor RHEL 6, RHEL 7 and Microsoft Windows is availableRed Hat Product Security has rated this update as ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2437 Security Release on RHEL 6
Type/Severity
Security Advisory: Important
Topic
Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2437 and fix several bugs, and add various enhancements are now available for R ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2437 Security Release on RHEL 7
Type/Severity
Security Advisory: Important
Topic
An update is now available for JBoss Core Services on RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Common ...
Several local side channel attacks and a denial of service via large
Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets
Layer toolkit
For the stable distribution (stretch), these problems have been fixed in
version 102q-1~deb9u1 Going forward, openssl10 security updates for
stretch will be based on the 102x upstream relea ...
Several local side channel attacks and a denial of service via large
Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets
Layer toolkit
For the stable distribution (stretch), these problems have been fixed in
version 110j-1~deb9u1 Going forward, openssl security updates for
stretch will be based on the 110x upstream releases ...
Several security issues were fixed in OpenSSL ...
OpenSSL could allow access to sensitve information ...
OpenSSL could allow access to sensitve information ...
Several security issues were fixed in OpenSSL ...
bn_sqrx8x_internal carry bug on x86_64There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 102m and 110 before 110g No EC algorithms are affected Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely Attacks agai ...
RSA key generation cache timing vulnerability in crypto/rsa/rsa_genc allows attackers to recover private keys:OpenSSL RSA key generation was found to be vulnerable to cache side-channel attacks An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover parts of the private key (CVE-2018-0 ...
OpenSSL RSA key generation was found to be vulnerable to cache side-channel attacks An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover parts of the private key ...
A cache-timing side channel attack in the RSA key generation algorithm has been found in OpenSSL <= 110h and <= 102o An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key ...
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack (CVE-2018-0737) An attacker could exploit this vulnerability to recover the private key (Vulnerability ID: HWPSIRT-2018-06015)
Huawei has released software updates to fix this vulnerability This advisory is available at the followi ...
PAN-SA-2018-0015 OpenSSL Vulnerabilities in PAN-OS ...
Log Correlation Engine leverages third-party software to help provide underlying functionality One third-party component (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers
Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address the potent ...
Nessus leverages third-party software to help provide underlying functionality One third-party component (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers
Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address the potential impact of th ...
Nessus leverages third-party software to help provide underlying functionality One third-party component (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers
Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address the potential impact of th ...
SecurityCenter leverages third-party software to help provide underlying functionality Two separate third-party components (PHP and OpenSSL) were found to contain vulnerabilities, and updated versions have been made available by the providers
Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address ...