EulerOS 2.0 SP10 : shim (EulerOS-SA-2024-1074)

According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary...

OESA-2023-1821 openssl security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact...

CVE-2023-5678

A flaw was found in OpenSSL, which caused the generation or checking of long X9.42 DH keys or parameters to be much slower than expected. This issue could lead to a denial of service. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the R...

OpenSSL 1.0.2 < 1.0.2zj Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.0.2zj. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.2zj advisory. - Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service...

AZL-42685 CVE-2023-5678 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that use...

SUSE-SU-2023:1703-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: Security fixes: - CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints bsc1209624. Other fixes: - Fix DH key generation in FIPS mode, add support for constant BN for DH parameters bsc1202062...

gnutls security and bug fix update

3.7.6-18 - Update gnutls-3.7.8-fips-pct-dh.patch to the upstream version 2168610 3.7.6-17 - Fix timing side-channel in TLS RSA key exchange 2162600 3.7.6-16 - fips: extend PCT to DH key generation 2168610 3.7.6-14 - fips: remove library path checking from FIPS integrity check 2149638 - fips: rena...

SUSE-SU-2019:1553-1 Security update for openssl

This update for openssl fixes the following issues: - CVE-2018-0732: Reject excessively large primes in DH key generation bsc1097158 - CVE-2018-0734: Timing vulnerability in DSA signature generation bsc1113652 - CVE-2018-0737: Cache timing vulnerability in RSA Key Generation bsc1089039 -...

Security update for libressl (moderate)

This update for libressl to version 2.8.0 fixes the following issues: Security issues fixed: - CVE-2018-12434: Avoid a timing side-channel leak when generating DSA and ECDSA signatures. boo1097779 - Reject excessively large primes in DH key generation. - CVE-2018-8970: Fixed a bug in...