36 matches found
ALSA-2025:23738 Important: mod_md security update
This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: modmd:...
RHEL 9 : mod_md (RHSA-2025:23739)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:23739 advisory. This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate...
mod_md security update
1:2.4.26-1.1 - Resolves: RHEL-134496 - httpd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753...
[SECURITY] Fedora 42 Update: mod_md-2.6.6-1.fc42
This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal...
[SECURITY] Fedora 43 Update: mod_md-2.6.7-1.fc43
This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal...
CVE-2025-54799 Lego does not enforce HTTPS
Let's Encrypt client and ACME library written in Go Lego. In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME...
CVE-2025-54799 Lego does not enforce HTTPS
Let's Encrypt client and ACME library written in Go Lego. In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME...
CVE-2025-54799 Lego does not enforce HTTPS
Let's Encrypt client and ACME library written in Go Lego. In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME...
GHSA-Q82R-2J7M-9RV4 github.com/go-acme/lego/v4/acme/api does not enforce HTTPS
Summary It was discovered that the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Details Unlike the http-01 challenge which solves an ACME challenge over unencrypted HTTP, the ACME protocol...
github.com/go-acme/lego/v4/acme/api does not enforce HTTPS
Summary It was discovered that the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Details Unlike the http-01 challenge which solves an ACME challenge over unencrypted HTTP, the ACME protocol...
Let's Encrypt Issued A Billion Free SSL Certificates in the Last 4 Years
Let's Encrypt, a free, automated, and open certificate signing authority CA from the nonprofit Internet Security Research Group ISRG, has said it's issued a billion certificates since its launch in 2015. The CA issued its first certificate in September 2015, before eventually reaching 100 million...
Fedora Update for mod_md FEDORA-2019-e00c65ec6f
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 29 Update: mod_md-2.0.8-3.fc29
This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol RFC Draft to automate certificate provisioning. These will be configured for managed domains and their virtual hosts automatically. This includes renewal of certificates befor...
[SECURITY] Fedora 30 Update: mod_md-2.0.8-2.fc30
This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol RFC Draft to automate certificate provisioning. These will be configured for managed domains and their virtual hosts automatically. This includes renewal of certificates befor...
Fedora Update for mod_md FEDORA-2019-099575a123
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
mkcert: valid HTTPS certificates for localhost
or for any other names The web is moving to HTTPS, preventing network attackers from observing or injecting page contents. But HTTPS needs TLS certificates, and while deployment is increasingly a solved issue thanks to the ACME protocol and Let's Encrypt, development still mostly ends up happenin...