Download
| Alert*
oval:org.secpod.oval:def:69337
libopenssl0_9_8 is installed oval:org.secpod.oval:def:89003069 This update for openssl fixes the following issues: Security issues fixed: - CVE-2019-1559: Fix 0-byte record padding oracle via SSL_shutdown - Reject invalid EC point coordinates - Mitigate the quot;The 9 Lives of Bleichenbacher"s CAT: Cache ATtacks on TLS Implementationsquot; attack oval:org.secpod.oval:def:89003451 This update for openssl fixes the following issues: - Included the missing cms and pk7 fixes of CVE-2019-1563 . oval:org.secpod.oval:def:89003405 This update for openssl fixes the following issues: OpenSSL Security Advisory [10 September 2019] - CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance . - CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key . oval:org.secpod.oval:def:38121 libopenssl0_9_8 sub packages are installed oval:org.secpod.oval:def:89003070 libopenssl0_9_8 is installed oval:org.secpod.oval:def:89045564 This update for openssl fixes the following security issue: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521] oval:org.secpod.oval:def:89049150 This update for openssl fixes the following issues: * CVE-2023-3446: Fixed DH_check excessive time with over sized modulus . oval:org.secpod.oval:def:89048937 This update for openssl fixes the following issues: * CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers . * Update further expiring certificates that affect test cases . oval:org.secpod.oval:def:89048522 This update for openssl fixes the following issues: * CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints . oval:org.secpod.oval:def:89048751 This update for openssl fixes the following issues: * CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored . oval:org.secpod.oval:def:89048483 This update for openssl fixes the following issues: * CVE-2022-4304: Fixed timing Oracle in RSA Decryption . oval:org.secpod.oval:def:89044635 This update for openssl fixes the following issues contained in the OpenSSL Security Advisory [26 Jan 2017] Security issues fixed: - CVE-2016-7056: A local ECSDA P-256 timing attack that might have allowed key recovery was fixed - CVE-2016-8610: A remote denial of service in SSL alert handling was ... oval:org.secpod.oval:def:89045356 This update for openssl fixes various security issues and bugs: Security issues fixed: - CVE-2016-0800 aka the DROWN attack : OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbache ... oval:org.secpod.oval:def:400662 This update for compat-openssl098 fixes various security issues and bugs: Security issues fixed: - CVE-2016-0800 aka the "DROWN" attack : OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher sui ... oval:org.secpod.oval:def:89045365 This update for openssl fixes the following issues: Security issues fixed: - CVE-2016-2108: Memory corruption in the ASN.1 encoder - CVE-2016-2105: EVP_EncodeUpdate overflow - CVE-2016-2106: EVP_EncryptUpdate overflow - CVE-2016-2109: ASN.1 BIO excessive memory allocation - CVE-2016-0702: Side c ... oval:org.secpod.oval:def:400644 This update for compat-openssl098 fixes the following issues: - CVE-2016-2108: Memory corruption in the ASN.1 encoder - CVE-2016-2105: EVP_EncodeUpdate overflow - CVE-2016-2106: EVP_EncryptUpdate overflow - CVE-2016-2109: ASN.1 BIO excessive memory allocation - CVE-2016-0702: Side channel attack ... oval:org.secpod.oval:def:89051122 This update for openssl fixes the following issues: * CVE-2023-5678: Fixed generating and checking of excessively long X9.42 DH keys that resulted in a possible Denial of Service . oval:org.secpod.oval:def:89045357 This update for openssl fixes the following issues: OpenSSL Security Advisory [22 Sep 2016] Severity: High * OCSP Status Request extension unbounded memory growth Severity: Low * Pointer arithmetic undefined behavior * Constant time flag not preserved in DSA signing * DTLS buffered message Do ... oval:org.secpod.oval:def:89051641 This update for openssl fixes the following issues: * CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file . |