Lucene search
OracleLinuxELSA-2019-4754HistoryAug 19, 2019 - 12:00 a.m.
openssl security update
2019-08-1900:00:00
linux.oracle.com
149
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
[1.0.2k-19.0.1]
- Bump release for rebuild.
[1.0.2k-19] - close the RSA decryption 9 lives of Bleichenbacher cat
timing side channel (#1649568)
[1.0.2k-18] - fix CVE-2018-0734 - DSA signature local timing side channel
- fix CVE-2019-1559 - 0-byte record padding oracle
- close the RSA decryption One & done EM side channel (#1619558)
[1.0.2k-17] - use SHA-256 in FIPS RSA pairwise key check
- fix CVE-2018-5407 (and CVE-2018-0735) - EC signature local
timing side-channel key extraction
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | openssl | < 1.0.2k-19.0.1.ksplice1.el7 | openssl-1.0.2k-19.0.1.ksplice1.el7.src.rpm |
| oracle linux | 7 | x86_64 | openssl | < 1.0.2k-19.0.1.ksplice1.el7 | openssl-1.0.2k-19.0.1.ksplice1.el7.x86_64.rpm |
| oracle linux | 7 | i686 | openssl-devel | < 1.0.2k-19.0.1.ksplice1.el7 | openssl-devel-1.0.2k-19.0.1.ksplice1.el7.i686.rpm |
| oracle linux | 7 | x86_64 | openssl-devel | < 1.0.2k-19.0.1.ksplice1.el7 | openssl-devel-1.0.2k-19.0.1.ksplice1.el7.x86_64.rpm |
| oracle linux | 7 | i686 | openssl-libs | < 1.0.2k-19.0.1.ksplice1.el7 | openssl-libs-1.0.2k-19.0.1.ksplice1.el7.i686.rpm |
| oracle linux | 7 | x86_64 | openssl-libs | < 1.0.2k-19.0.1.ksplice1.el7 | openssl-libs-1.0.2k-19.0.1.ksplice1.el7.x86_64.rpm |
| oracle linux | 7 | x86_64 | openssl-perl | < 1.0.2k-19.0.1.ksplice1.el7 | openssl-perl-1.0.2k-19.0.1.ksplice1.el7.x86_64.rpm |
| oracle linux | 7 | i686 | openssl-static | < 1.0.2k-19.0.1.ksplice1.el7 | openssl-static-1.0.2k-19.0.1.ksplice1.el7.i686.rpm |
| oracle linux | 7 | x86_64 | openssl-static | < 1.0.2k-19.0.1.ksplice1.el7 | openssl-static-1.0.2k-19.0.1.ksplice1.el7.x86_64.rpm |
Related
oraclelinux
oraclelinux
openssl security and bug fix update
2019-08-13 00:00:00
openssl bug fix update
2021-04-06 00:00:00
openssl security, bug fix, and enhancement update
2019-11-14 00:00:00
nessus
nessus
ibm
ibm
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Spectrum Protect Plus (CVE-2018-0735, CVE-2018-0734, CVE-2018-5407)
2020-02-22 00:05:46
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Integration Bus , IBM App Connect and WebSphere Message Broker
2020-03-23 20:41:52
Security Bulletin: IBM Event Streams is affected by OpenSSL vulnerabilities
2019-03-29 11:00:02
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2018-1.0-0199
2018-12-14 00:00:00
Moderate Photon OS Security Update - PHSA-2018-0199
2018-12-14 00:00:00
Important Photon OS Security Update - PHSA-2018-0113
2018-12-11 00:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2018-12-06 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3840-1)
2018-12-07 00:00:00
Debian: Security Advisory (DLA-1586-1)
2018-11-21 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:3945-1)
2021-06-09 00:00:00
cloudfoundry
cloudfoundry
USN-3840-1: OpenSSL vulnerabilities | Cloud Foundry
2018-12-27 00:00:00
symantec
symantec
OpenSSL Vulnerabilities Oct 2018 - Jul 2019
2019-09-05 08:00:00
osv
osv
openssl - security update
2018-11-21 00:00:00
openssl - security update
2018-11-30 00:00:00
openssl1.0 - security update
2018-12-19 00:00:00
redhat
redhat
(RHSA-2019:0483) Moderate: openssl security and bug fix update
2019-03-12 08:21:31
(RHSA-2019:2304) Moderate: openssl security and bug fix update
2019-08-06 08:23:32
(RHSA-2019:3700) Low: openssl security, bug fix, and enhancement update
2019-11-05 20:52:19
archlinux
archlinux
[ASA-201812-6] lib32-openssl: private key recovery
2018-12-08 00:00:00
[ASA-201812-5] openssl: private key recovery
2018-12-08 00:00:00
[ASA-201812-7] lib32-openssl-1.0: private key recovery
2018-12-08 00:00:00
debian
debian
[SECURITY] [DLA 1586-1] openssl security update
2018-11-21 21:43:46
[SECURITY] [DSA 4348-1] openssl security update
2018-11-30 22:26:20
[SECURITY] [DSA 4355-1] openssl1.0 security update
2018-12-19 22:29:59
f5
f5
K43741620 : OpenSSL vulnerabilities CVE-2018-0734 and CVE-2018-0735
2018-12-15 00:00:00
K18549143 : OpenSSL vulnerability CVE-2019-1559
2019-03-19 00:00:00
suse
suse
Security update for openssl-1_1 (moderate)
2018-11-24 18:11:36
Security update for openssl-1_0_0 (moderate)
2018-12-08 15:08:25
Security update for openssl (moderate)
2018-11-24 18:18:01
freebsd
freebsd
OpenSSL -- Multiple vulnerabilities in 1.1 branch
2018-10-29 00:00:00
node.js -- multiple vulnerabilities
2018-11-27 00:00:00
OpenSSL -- timing vulnerability
2018-11-12 00:00:00
centos
centos
openssl security update
2019-03-19 14:32:25
openssl security update
2019-08-30 03:49:42
openssl security update
2019-08-16 21:53:45
ubuntucve
ubuntucve
CVE-2018-0735
2018-10-29 00:00:00
CVE-2019-1559
2019-02-26 00:00:00
amazon
amazon
Medium: openssl
2019-04-04 19:13:00
Medium: openssl
2019-11-11 17:41:00
Medium: openssl
2019-04-04 21:45:00
aix
aix
There are vulnerabilities in OpenSSL used by AIX.
2018-12-11 09:37:36
slackware
slackware
[slackware-security] openssl
2018-11-22 06:43:55
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2019-03-14 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl10 version 1.0.2q-alt1
2018-12-19 00:00:00
mageia
mageia
Updated openssl packages fix security vulnerabilities
2018-11-27 18:26:11
fedora
fedora
[SECURITY] Fedora 29 Update: openssl-1.1.1a-1.fc29
2019-01-18 02:14:55
nodejsblog
nodejsblog
November 2018 Security Releases
2018-11-28 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2018-0735
2018-10-29 00:00:00
prion
prion
Code injection
2018-10-29 13:29:00
redhatcve
redhatcve
CVE-2018-0735
2018-11-02 16:49:09
cve
cve
CVE-2018-0735
2018-10-29 13:29:00
CVE-2019-1559
2019-02-27 23:29:00
veracode
veracode
Information Disclosure
2020-09-21 06:28:26
Timing Attack
2018-11-26 02:50:19
alpinelinux
alpinelinux
CVE-2018-0735
2018-10-29 13:29:00
CVE-2019-1559
2019-02-27 23:29:00
debiancve
debiancve
CVE-2018-0735
2018-10-29 13:29:00
exploitpack
exploitpack
Intel (Skylake Kaby Lake) - PortSmash CPU SMT Side-Channel
2018-11-02 00:00:00
hp
hp
HPSBHF03597 rev. 3 - PortSmash Side-Channel Vulnerability
2018-11-02 00:00:00
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
Related for ELSA-2019-4754