Several security issues were fixed in OpenSSL ...
Synopsis
Moderate: ovmf security and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
An update for ovmf is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...
Synopsis
Moderate: Red Hat JBoss Web Server 52 security release
Type/Severity
Security Advisory: Moderate
Topic
Red Hat JBoss Web Server 520 zip release for RHEL 6, RHEL 7, RHEL 8 and Microsoft Windows is availableRed Hat Product Security has rated this update as having a security impactof Moderate A C ...
Synopsis
Moderate: Red Hat JBoss Web Server 52 security release
Type/Severity
Security Advisory: Moderate
Topic
Updated Red Hat JBoss Web Server 520 packages are now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, and Red Hat Enterprise Linux 8Red Hat Product Security has rated thi ...
Synopsis
Moderate: openssl security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for openssl is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) ba ...
Synopsis
Moderate: Red Hat Ansible Tower 335
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Ansible Tower 335
Description
For a list of changes included in this release, please read the Ansible Tower Release Notes: docsansiblecom/ansible-tower/latest/html/release-note ...
Synopsis
Moderate: Red Hat Ansible Tower 343
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Ansible Tower 343
Description
For a list of changes included in this release, please read the Ansible Tower Release Notes: docsansiblecom/ansible-tower/latest/html/release-note ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2437 Security Release
Type/Severity
Security Advisory: Important
Topic
Red Hat JBoss Core Services Pack Apache Server 2437 zip releasefor RHEL 6, RHEL 7 and Microsoft Windows is availableRed Hat Product Security has rated this update as ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2437 Security Release on RHEL 6
Type/Severity
Security Advisory: Important
Topic
Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2437 and fix several bugs, and add various enhancements are now available for R ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2437 Security Release on RHEL 7
Type/Severity
Security Advisory: Important
Topic
An update is now available for JBoss Core Services on RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Common ...
Several local side channel attacks and a denial of service via large
Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets
Layer toolkit
For the stable distribution (stretch), these problems have been fixed in
version 102q-1~deb9u1 Going forward, openssl10 security updates for
stretch will be based on the 102x upstream relea ...
Several local side channel attacks and a denial of service via large
Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets
Layer toolkit
For the stable distribution (stretch), these problems have been fixed in
version 110j-1~deb9u1 Going forward, openssl security updates for
stretch will be based on the 110x upstream releases ...
A microprocessor side-channel vulnerability was found on SMT (eg, Hyper-Threading) architectures An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information (CVE-2018-5407)
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to s ...
A microprocessor side-channel vulnerability was found on SMT (eg, Hyper-Threading) architectures An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information(CVE-2018-5407)
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to sen ...
A microprocessor side-channel vulnerability was found on SMT (eg, Hyper-Threading) architectures An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information ...
A vulnerability has been found in the ECC scalar multiplication implementation of OpenSSL < 110i and <= 102p The implementation, used in eg ECDSA and ECDH, has been shown
to be vulnerable to a microarchitecture timing side channel attack An attacker with sufficient access to mount local timing attacks during ECDSA signature generation ...
An industry-wide vulnerability has been reported which impacts CPUs that use Simultaneous Multithreading Technology (SMT) The attack consists of running a malicious process in parallel with legitimate processes using the parallel threading capabilities of SMT The legitimate process leaks small amounts of data to the malicious processes, which c ...
Nessus leverages third-party software to help provide underlying functionality One third-party component (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers
Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address the potential impact of th ...
Nessus leverages third-party software to help provide underlying functionality One third-party component (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers
Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address the potential impact of th ...