26 matches found
Medium: openssl
Issue Overview: An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-bit TLS/SSL server or client using OpenSSL if it used the RC4-MD5 cipher suite. CVE-2017-3731 A denial of service flaw was found in the way...
Scientific Linux Security Update : openssl on SL6.x, SL7.x i386/x86_64 (20170220)
Security Fixes : - An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-bit TLS/SSL server or client using OpenSSL if it used the RC4-MD5 cipher suite. CVE-2017-3731 - A denial of service flaw was found in th...
openSUSE Security Update : gnutls (openSUSE-2017-207)
This update for gnutls fixes the following security issues : - GnuTLS could have crashed when processing maliciously crafted OpenPGP certificates GNUTLS-SA-2017-2, bsc1018832, CVE-2017-5335, CVE-2017-5337, CVE-2017-5336 - GnuTLS could have falsely accepted certificates when using OCSP...
SUSE SLED12 / SLES12 Security Update : gnutls (SUSE-SU-2017:0348-1)
This update for gnutls fixes the following security issues : - GnuTLS could have crashed when processing maliciously crafted OpenPGP certificates GNUTLS-SA-2017-2, bsc1018832, CVE-2017-5335, CVE-2017-5337, CVE-2017-5336 - GnuTLS could have falsely accepted certificates when using OCSP...
Debian DLA-814-1 : openssl security update
Several vulnerabilities were discovered in OpenSSL : CVE-2016-7056 A local timing attack was discovered against ECDSA P-256. CVE-2016-8610 It was discovered that no limit was imposed on alert packets during an SSL handshake. CVE-2017-3731 Robert Swiecki discovered that the RC4-MD5 cipher when...
Debian DSA-3773-1 : openssl - security update
Several vulnerabilities were discovered in OpenSSL : - CVE-2016-7056 A local timing attack was discovered against ECDSA P-256. - CVE-2016-8610 It was discovered that no limit was imposed on alert packets during an SSL handshake. - CVE-2017-3731 Robert Swiecki discovered that the RC4-MD5 cipher wh...