37 matches found
edk2 security update
Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...
edk2 security update
20230821 - Create new 20230821 release for OL7 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
edk2 security update
20230821 - Create new 20230821 release for OL9 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
Oracle Linux 8 : openssl (ELSA-2019-3700)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3700 advisory. 1.1.1c-2 - do not try to use EC groups disallowed in FIPS mode in TLS - fix Valgrind regression with constant-time code 1.1.1c-1 - update to the 1.1.1c...
SUSE CVE-2019-1543
ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value IV should be 96 bits 12 bytes. OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also...
SUSE: Security Advisory (SUSE-SU-2019:0678-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0787-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openssl110f (EulerOS-SA-2019-1327)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openssl110f (EulerOS-SA-2019-1328)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openssl110h (EulerOS-SA-2019-1890)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 8 : openssl (RHSA-2019:3700)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3700 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...
Security Bulletin: Security Vulnerabilities affect IBM Cloud Private for Data - OpenSSL (CVE-2019-1543), Kubernetes (CVE-2019-1002100, CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518)
Summary Security Vulnerabilities affect IBM Cloud Private for Data - OpenSSL CVE-2019-1543, Kubernetes CVE-2019-1002100, Kubernetes CVE-2019-9511, Kubernetes CVE-2019-9512, Kubernetes CVE-2019-9513, Kubernetes CVE-2019-9514, Kubernetes CVE-2019-9515, Kubernetes CVE-2019-9516, Kubernetes...
Oracle MySQL Server 5.3 <= 5.3.13 / 8.0 <= 8.0.17 Security Update (cpuoct2019) - Windows
Oracle MySQL Server is prone to a vulnerability. This VT has been deprecated because it doesn SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only i...
Oracle MySQL Server 5.3 <= 5.3.13 / 8.0 <= 8.0.17 Security Update (cpuoct2019) - Linux
Oracle MySQL Server is prone to a vulnerability. This VT has been deprecated because it doesn SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only i...
Fedora 29 : 1:compat-openssl10 (2019-9a0a7c0986)
Patch for CVE-2018-0737, CVE-2018-0732, CVE-2018-0734, CVE-2019-1552, CVE-2019-1559. https://www.openssl.org/news/vulnerabilities.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...
Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1d-alt1
Sept. 19, 2019 Gleb Fotengauer-Malinovskiy 1.1.1d-alt1 - Updated to 1.1.1d fixes CVE-2019-1543, CVE-2019-1549, CVE-2019-1563, CVE-2019-1547, CVE-2019-1552. - Changed License: tag to SPDX identifier of actual openssl license...
Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1d-alt1
Sept. 19, 2019 Gleb Fotengauer-Malinovskiy 1.1.1d-alt1 - Updated to 1.1.1d fixes CVE-2019-1543, CVE-2019-1549, CVE-2019-1563, CVE-2019-1547, CVE-2019-1552. - Changed License: tag to SPDX identifier of actual openssl license...
EulerOS 2.0 SP5 : openssl110h (EulerOS-SA-2019-1890)
According to the versions of the openssl110h packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce...
openSUSE Security Update : virtualbox (openSUSE-2019-1814)
This update for virtualbox to version 6.0.10 fixes the following issues : Security issues fixed : - CVE-2019-2859 CVE-2019-2867 CVE-2019-2866 CVE-2019-2864 CVE-2019-2865 CVE-2019-1543 CVE-2019-2863 CVE-2019-2848 CVE-2019-2877 CVE-2019-2873 CVE-2019-2874 CVE-2019-2875 CVE-2019-2876 CVE-2019-2850...
openSUSE: Security Advisory for virtualbox (openSUSE-SU-2019:1814-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...