Security Bulletin: Resilient is affected by the use of a risky or outdated cypher (CVE-2017-1657)

Summary Security Bulletin: Resilient is affected by the use of a risky or outdated cypher CVE-2017-1657 Vulnerability Details Summary Resilient has addressed the vulnerability by using updated cyphers. Vulnerability Details CVEID: CVE-2017-1657 DESCRIPTION: IBM Resilient uses weaker than expected...

[SECURITY] Fedora 32 Update: CImg-2.9.7-1.fc32

The CImg Library is an open-source C++ toolkit for image processing. It consists in a single header file 'CImg.h' providing a minimal set of C++ classes and methods that can be used in your own sources, to load/save, process and display images. Very portable, efficient and easy to use, it's a...

Important: Red Hat Security Advisory: gnutls and nettle security update

An update for gnutls and nettle is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 8 : gnutls and nettle (RHSA-2021:1206)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1206 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS...

RLSA-2021:1206 Important: gnutls and nettle security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages...

openssl: NULL pointer dereference in signature_algorithms processing

A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signaturealgorithms extension but includes a signaturealgorithmscert extension. The highest threat from this vulnerability is to system...

openssl: NULL pointer dereference in signature_algorithms processing

A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signaturealgorithms extension but includes a signaturealgorithmscert extension. The highest threat from this vulnerability is to system...

openssl: NULL pointer dereference in signature_algorithms processing

A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signaturealgorithms extension but includes a signaturealgorithmscert extension. The highest threat from this vulnerability is to system...

openssl: NULL pointer dereference in signature_algorithms processing

A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signaturealgorithms extension but includes a signaturealgorithmscert extension. The highest threat from this vulnerability is to system...

openssl: NULL pointer dereference in signature_algorithms processing

A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signaturealgorithms extension but includes a signaturealgorithmscert extension. The highest threat from this vulnerability is to system...

openssl: NULL pointer dereference in signature_algorithms processing

A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signaturealgorithms extension but includes a signaturealgorithmscert extension. The highest threat from this vulnerability is to system...

openssl: NULL pointer dereference in signature_algorithms processing

A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signaturealgorithms extension but includes a signaturealgorithmscert extension. The highest threat from this vulnerability is to system...

CVE-2020-4965

IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192422...

CVE-2020-4965

CVE-2020-4965 affects IBM Jazz Team Server / Jazz Foundation (IBM Engineering Lifecycle Management). The vulnerability stems from weaker-than-expected cryptographic algorithms that could allow decrypting highly sensitive information. Public scoring varies: CVSSv3.1 base 7.5 (Network, High impact ...

Security Bulletin: Multiple vulnerabilites affect IBM Jazz Foundation and IBM Engineering products.

Summary There are multiple vulnerabilities that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Requirements Management DOORS Next DOORS Next, IBM Engineering Lifecycle Optimization - Engineeri...

openssl: NULL pointer dereference in signature_algorithms processing

A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signaturealgorithms extension but includes a signaturealgorithmscert extension. The highest threat from this vulnerability is to system...

openssl: NULL pointer dereference in signature_algorithms processing

A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signaturealgorithms extension but includes a signaturealgorithmscert extension. The highest threat from this vulnerability is to system...

RHEL 8 : openssl (RHSA-2021:1063)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1063 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

Fedora: Security Advisory for openssl (FEDORA-2021-f347d1c866)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for openssl (FEDORA-2021-f347d1c866)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...