4 matches found
Mandriva Linux Security Advisory : nss (MDVSA-2014:252)
Updated nss packages fix security vulnerabilities : In the QuickDER decoder in NSS before 3.17.3, ASN.1 DER decoding of lengths is too permissive, allowing undetected smuggling of arbitrary data CVE-2014-1569. This update adds support for the TLS Fallback Signaling Cipher Suite Value...
nss security update
CentOS Errata and Security Advisory CESA-2014:1948 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2014-December/082957.html https://lists.centos.org/pipermail/centos-announce/2014-December/082962.html...
SUSE-SU-403-FORBIDDEN-1 Security update for OpenSSL
This OpenSSL update fixes the following issues: Session Ticket Memory Leak CVE-2014-3567 Build option no-ssl3 is incomplete CVE-2014-3568 Add support for TLSFALLBACKSCSV to mitigate CVE-2014-3566 POODLE Security Issues: CVE-2014-3567 CVE-2014-3566 CVE-2014-3568...
USN-2385-1: OpenSSL vulnerabilities
It was discovered that OpenSSL incorrectly handled memory when parsing DTLS SRTP extension data. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2014-3513 I...