142 matches found
openSUSE Security Update : openssl (openSUSE-2016-1134)
This update for openssl fixes the following issues : OpenSSL Security Advisory 22 Sep 2016 bsc999665 Severity: High - OCSP Status Request extension unbounded memory growth CVE-2016-6304 bsc999666 Severity: Low - Pointer arithmetic undefined behaviour CVE-2016-2177 bsc982575 - Constant time flag n...
CentOS 6 / 7 : openssl (CESA-2016:1940)
An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...
RHEL 6 / 7 : openssl (RHSA-2016:1940)
An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...
SUSE SLES12 Security Update : openssl (SUSE-SU-2016:2387-1)
This update for openssl fixes the following issues: OpenSSL Security Advisory 22 Sep 2016 bsc999665 Severity: High - OCSP Status Request extension unbounded memory growth CVE-2016-6304 bsc999666 Severity: Low - Pointer arithmetic undefined behaviour CVE-2016-2177 bsc982575 - Constant time flag no...
openssl security update
1.0.1e-48.3 - fix CVE-2016-2177 - possible integer overflow - fix CVE-2016-2178 - non-constant time DSA operations - fix CVE-2016-2179 - further DoS issues in DTLS - fix CVE-2016-2180 - OOB read in TSOBJprintbio - fix CVE-2016-2181 - DTLS1 replay protection and unprocessed records issue - fix...
OpenSSL 1.0.2 and 1.0.1 Multiple Vulnerabilities (Sep 2016) - Linux
OpenSSL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl"; ifdescription...
DLA-637-1 openssl - security update
Bulletin has no description...
Debian DSA-3673-1 : openssl - security update
Several vulnerabilities were discovered in OpenSSL : - CVE-2016-2177 Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-p ointer-arithmetic/ - CVE-2016-2178 Cesar Pereida, Billy...
Security fix for the ALT Linux 7 package openssl10 version 1.0.1u-alt0.M70P.1
1.0.1u-alt0.M70P.1 built Sept. 23, 2016 Gleb Fotengauer-Malinovskiy in task 169809 Sept. 22, 2016 Gleb Fotengauer-Malinovskiy - Updated to 1.0.1u fixes CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE-2016-6303,...
Ubuntu: Security Advisory (USN-3087-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD-SA-16:26.openssl
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:26.openssl Security Advisory The FreeBSD Project Topic: Multiple OpenSSL vulnerabilities Category: contrib Module: openssl Announced: 2016-09-23; revised on...
DSA-3673-2 openssl - regression update
Bulletin has no description...
[slackware-security] openssl
New openssl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/openssl-1.0.2i-i586-1slack14.2.txz: Upgraded. This update fixes denial-of-service and other security issues. For more...
[SECURITY] [DSA 3673-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3673-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 22, 2016 https://www.debian.org/security/faq -...
Security fix for the ALT Linux 9 package openssl10 version 1.0.2i-alt1
Sept. 22, 2016 Gleb Fotengauer-Malinovskiy 1.0.2i-alt1 - Updated to 1.0.2i fixes CVE-2016-2177, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6306...
Security fix for the ALT Linux 8 package openssl10 version 1.0.2i-alt1
1.0.2i-alt1 built Sept. 22, 2016 Gleb Fotengauer-Malinovskiy in task 169814 Sept. 22, 2016 Gleb Fotengauer-Malinovskiy - Updated to 1.0.2i fixes CVE-2016-2177, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6306...
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.2i-alt1
Sept. 22, 2016 Gleb Fotengauer-Malinovskiy 1.0.2i-alt1 - Updated to 1.0.2i fixes CVE-2016-2177, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6306...
Debian: Security Advisory (DSA-3673-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-2181
The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service false-positive packet drops via spoofed DTLS records, related to reclayerd1...
CVE-2016-2181
OpenSSL CVE-2016-2181 affects the Datagram TLS (DTLS) replay protection: a flaw in the replay window handling could cause legitimate packets to be dropped when a crafted sequence number is used, enabling a remote attacker to cause DoS. Upstream fixes were released (e.g., OpenSSL 1.0.2.x and 1.0.1...