4226 matches found
SUSE SLED12 / SLES12 Security Update : libgcrypt (SUSE-SU-2015:1179-1)
This update of libgcrypt fixes one security issue and brings various FIPS 140-2 related improvements. libgcrypt now uses ciphertext blinding for Elgamal decryption CVE-2014-3591 FIPS 140-2 related changes : - The library performs its self-tests when the module is complete the -hmac file is also...
Scientific Linux Security Update : libreswan on SL7.x x86_64 (20150623)
A flaw was discovered in the way Libreswan's IKE daemon processed certain IKEv1 payloads. A remote attacker could send specially crafted IKEv1 payloads that, when processed, would lead to a denial of service daemon crash. CVE-2015-3204 This update fixes the following bugs : - Previously, the...
libreswan security update
CentOS Errata and Security Advisory CESA-2015:1154 Updated libreswan packages that fix one security issue, several bugs and add two enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common...
Oracle Linux 7 : libreswan (ELSA-2015-1154)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2015-1154 advisory. - Resolves: rhbz1226407 CVE-2015-3204 libreswan: crafted IKE packet causes daemon restart Tenable has extracted the preceding description block directly from th...
CentOS 7 : libreswan (CESA-2015:1154)
Updated libreswan packages that fix one security issue, several bugs and add two enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...
RedHat Update for libreswan RHSA-2015:1154-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for libreswan CESA-2015:1154 centos7
Check the version of libreswan SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882204";...
RHEL 7 : libreswan (RHSA-2015:1154)
Updated libreswan packages that fix one security issue, several bugs and add two enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...
Moderate: Red Hat Security Advisory: libreswan security, bug fix and enhancement update
Updated libreswan packages that fix one security issue, several bugs and add two enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...
SUSE-SU-2015:1179-1 Security update for libgcrypt
This update of libgcrypt fixes one security issue and brings various FIPS 140-2 related improvements. libgcrypt now uses ciphertext blinding for Elgamal decryption CVE-2014-3591 FIPS 140-2 related changes: The library performs its self-tests when the module is complete the -hmac file is also...
SUSE SLED12 / SLES12 Security Update : strongswan (SUSE-SU-2015:0281-1)
This strongswan update fixes the following security and non security issues. - Disallow brainpool elliptic curve groups in fips mode bnc856322. - Applied an upstream fix for a denial-of-service vulnerability, which can be triggered by an IKEv2 Key Exchange payload, that contains the Diffie-Hellma...
openssl-fips security update
1.0.1m-2.0.1 - update to upstream 1.0.1m - update to fips canister 2.0.9 - regenerated below patches openssl-1.0.1-beta2-rpmbuild.patch openssl-1.0.1m-rhcompat.patch openssl-1.0.1m-ecc-suiteb.patch openssl-1.0.1m-fips-mode.patch openssl-1.0.1m-version.patch openssl-1.0.1m-evp-devel.patch...
Mandriva Linux Security Advisory : stunnel (MDVSA-2015:096)
Updated stunnel package fixes security vulnerability : A flaw was found in the way stunnel, a socket wrapper which can provide SSL support to ordinary applications, performed reinitialization of PRNG after fork. When accepting a new connection, the server forks and the child process handles the...
openssh security, bug fix and enhancement update
6.6.1p1-11 + 0.9.3-9 - fix direction in CRYPTOSESSION audit message 1171248 6.6.1p1-10 + 0.9.3-9 - add new option GSSAPIEnablek5users and disable using /.k5users by default CVE-2014-9278 1169843 6.6.1p1-9 + 0.9.3-9 - log via monitor in chroots without /dev/log 1083482 6.6.1p1-8 + 0.9.3-9 - increa...
stunnel – an SSL encryption wrapper
The stunnel program is designed to work as an SSL encryption wrapper between remote client and local inetd-startable or remote server. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the programs’ code. Stunnel uses t...
SUSE-SU-2015:0281-1 Security update for strongswan
This strongswan update fixes the following security and non security issues. - Disallow brainpool elliptic curve groups in fips mode bnc856322. - Applied an upstream fix for a denial-of-service vulnerability, which can be triggered by an IKEv2 Key Exchange payload, that contains the Diffie-Hellma...
OracleVM 3.3 : openssl (OVMSA-2015-0005) (FREAK)
The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2014-3570 - incorrect computation in BNsqr - fix CVE-2014-3571 - possible crash in dtls1getrecord - fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state - fix...
Security update for clamav (important)
clamav was updated to version 0.98.5 to fix two security issues. These security issues were fixed: - Segmentation fault when processing certain files CVE-2013-6497. - Heap-based buffer overflow when scanning crypted PE files CVE-2014-9050. The following non-security issues were fixed: - Support f...
SuSE 11.3 Security Update : OpenVPN (SAT Patch Number 10061)
This update fixes a critical denial of service vulnerability in OpenVPN : - Critical denial of service vulnerability in OpenVPN servers that can be triggered by authenticated attackers. Also an incompatibility with OpenVPN and OpenSSL in FIPS mode has been fixed. bnc895882. CVE-2014-8104...
Fedora 21 : clamav-0.98.5-1.fc21 (2014-15434)
ClamAV 0.98.5 ============= ClamAV 0.98.5 also includes these new features and bug fixes : - Support for the XDP file format and extracting, decoding, and scanning PDF files within XDP files. Addition of shared library support for LLVM versions 3.1 - 3.5 for the purpose of just-in-timeJIT...