15 matches found
[SECURITY] [DLA 4624-1] openssl security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4624-1 [email protected] https://www.debian.org/lts/security/ Arnaud Rebillout June 09, 2026 https://wiki.debian.org/LTS -...
Debian dla-4624 : libcrypto1.1-udeb - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4624 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4624-1 [email protected]...
Security Bulletin: IBM i is Affected By NULL Pointer Dereference, Use Afer Free, and Out-of-Bounds Write Vulnerabilities in OpenSSL [CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-28387, CVE-2026-31789]
Summary OpenSSL for IBM i is vulnerable to NULL pointer derefences when processing either a delta CRL indicator extension CVE-2026-28388 or CMS EnvelopedData message with KeyAgreeRecipientInfo CVE-2026-28389, CVE-2026-28390, and use after free when using DANE TLSA-based server authentication...
CLSA-2026-1777567502 openssl: Fix of CVE-2026-28387
CVE-2026-28387: fix use-after-free / double-free in danematch by releasing the previously stored dane-mcert with X509free instead of OPENSSLfree; the slot is reference-bumped via X509upref so the matching free is X509free...
OESA-2026-2044 openssl security update
Security Fixes: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of...
SUSE SLES15 / openSUSE 15 Security Update : openssl-1_0_0 (SUSE-SU-2026:1291-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1291-1 advisory. - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference...
Amazon Linux 2 : openssl11, --advisory ALAS2-2026-3249 (ALAS-2026-3249)
The version of openssl11 installed on the remote host is prior to 1.1.1zg-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3249 advisory. Potential use-after-free in DANE client code CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL NOTE:...
Slackware: Security Advisory (SSA:2026-101-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Photon OS 5.0: Openssl PHSA-2026-5.0-0810
An update of the openssl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0810. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
USN-8155-2 openssl, openssl1.0 vulnerabilities
USN-8155-1 fixed vulnerabilities in OpenSSL. This update provides the corresponding updates for CVE-2026-28387 for openssl in Ubuntu 20.04 LTS. CVE-2026-28388 for openssl and openssl1.0 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS, and CVE-2026-28389 and...
Ubuntu: Security Advisory (USN-8155-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo...
USN-8155-1: OpenSSL vulnerabilities
Viktor Dukhovni discovered that OpenSSL incorrectly negotiated the expected preferred key exchange group when used as a TLS 1.3 server. This could result in a less preferred key exchange being used, contrary to expectations. This issue only affected Ubuntu 25.10. CVE-2026-2673 Igor Morgenstern...
CVE-2026-28387
creationtimestamp| type| source ---|---|--- 2026-04-07 23:31:26+00:00| seen| https://bsky.app/profile/omo.bsky.social/post/3miwwr7vxwk2o 2026-04-08 12:10:24+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3miyb6guojc23 2026-04-09 00:01:12+00:00| seen|...
Linux Distros Unpatched Vulnerability : CVE-2026-28387
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may...