Download
| Alert*
|
oval:org.secpod.oval:def:1501604
The host is installed with OpenSSL or NSS and is prone to a birthday attack vulnerability. A flaw is present in 3DES cipher as used in TLS protocol, which fails to renegotiate running connections. Successful exploitation could allow attackers to recover partial plaintext information. oval:org.secpod.oval:def:1502265 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:505649 IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP1. Security Fix: * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Dev ... oval:org.secpod.oval:def:51777 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:1800544 CVE-2016-2183: SWEET32 Mitigation. SWEET32 oval:org.secpod.oval:def:703438 openjdk-8: Open Source Java implementation Several security issues were fixed in OpenJDK 8. oval:org.secpod.oval:def:703461 openjdk-7: Open Source Java implementation Several security issues were fixed in OpenJDK 7. oval:org.secpod.oval:def:37387 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:89044800 This update for java-1_8_0-openjdk fixes the following issues: Oracle Critical Patch Update of January 2017 Upgrade to version jdk8u121 : - S8138725: Add options for Javadoc generation - S8140353: Improve signature checking - S8151934, CVE-2017-3231: Resolve class resolution - S8156804, CVE-2017-32 ... oval:org.secpod.oval:def:89043994 This update contains the Mozilla Firefox ESR 68.2 release. Mozilla Firefox was updated to ESR 68.2 release: * Enterprise: New administrative policies were added. More information and templates are available at the Policy Templates page. * Various security fixes: MFSA 2019-33 * CVE-2019-15903: Heap ... oval:org.secpod.oval:def:36844 The host is installed with OpenSSL or NSS and is prone to a birthday attack vulnerability. A flaw is present in 3DES cipher as used in TLS protocol, which fails to renegotiate running connections. Successful exploitation could allow attackers to recover partial plaintext information. oval:org.secpod.oval:def:52833 openjdk-7: Open Source Java implementation Several security issues were fixed in OpenJDK 7. oval:org.secpod.oval:def:703468 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:51509 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:51707 openjdk-8: Open Source Java implementation Several security issues were fixed in OpenJDK 8. oval:org.secpod.oval:def:38740 The host is installed with the DES and Triple DES ciphers and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to properly handle the DES and Triple DES ciphers, as used in the TLS, SSH, IPSec protocols, other protocols and products. Successful e ... oval:org.secpod.oval:def:36843 The host is installed with OpenSSL 1.0.1 through 1.0.1t or 1.0.2 through 1.0.2h and is prone to a sweet32 birthday attack vulnerability. A flaw is present in Triple-DES, which fails to handle a crafted Javascript. Successful exploitation allows remote attackers to send enough traffic to cause a coll ... oval:org.secpod.oval:def:89044955 This update for java-1_8_0-ibm to version 8.0-4.0 fixes a lot of security issues : Following CVEs are fixed: CVE-2016-5552 CVE-2017-3231 CVE-2017-3241 CVE-2017-3253 CVE-2017-3259 CVE-2017-3261 CVE-2017-3272 CVE-2017-3289 CVE-2016-2183 CVE-2016-5547 CVE-2016-5548 CVE-2016-5549 CVE-2017-3252 More info ... oval:org.secpod.oval:def:505303 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR4-FP1. Security Fix: * This update fixes a vulnerability in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further ... oval:org.secpod.oval:def:505545 IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 6 to version 6 SR16-FP41. Security Fix: * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development K ... oval:org.secpod.oval:def:89044514 This update for java-1_7_1-ibm fixes the following issues: Security issue fixed: - CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remot ... oval:org.secpod.oval:def:505628 IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP1. Security Fix: * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Dev ... oval:org.secpod.oval:def:89044676 This update for java-1_7_1-ibm fixes the following issues: Security issue fixed: - CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remot ... oval:org.secpod.oval:def:1000656 The remote host is missing a patch 152100-21 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:703578 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:60345 The host is missing a patch containing a security fixes, which affects the following package(s): Java oval:org.secpod.oval:def:1000658 The remote host is missing a patch 152101-21 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:205725 Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 oval:org.secpod.oval:def:52808 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:38971 The host is missing a patch containing a security fixes, which affects the following package(s): openssl.base oval:org.secpod.oval:def:1600493 It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. This issue was addres ... oval:org.secpod.oval:def:602621 Several vulnerabilities were discovered in OpenSSL: CVE-2016-2177 Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/ CVE-2016-2178 Cesar Pereida, Billy Brumley and ... oval:org.secpod.oval:def:1600457 It was discovered that OpenSSL did not always use constant time operations when computing Digital Signature Algorithm signatures. A local attacker could possibly use this flaw to obtain a private DSA key belonging to another user or service running on the same system. It was discovered that the Dat ... oval:org.secpod.oval:def:89044813 This update for java-1_8_0-ibm fixes the following issues: Security issue fixed: - CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remot ... oval:org.secpod.oval:def:703280 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:89044859 - S8021108: Clean up doclint warnings and errors in java.text package - S8021417: Fix doclint issues in java.util.concurrent - S8021833: javadoc cleanup in java.net - S8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails - S8022175: Fix doclint warnings in javax.prin ... oval:org.secpod.oval:def:2100967 The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to ... oval:org.secpod.oval:def:89045357 This update for openssl fixes the following issues: OpenSSL Security Advisory [22 Sep 2016] Severity: High * OCSP Status Request extension unbounded memory growth Severity: Low * Pointer arithmetic undefined behavior * Constant time flag not preserved in DSA signing * DTLS buffered message Do ... oval:org.secpod.oval:def:68476 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... |
