4225 matches found
openSUSE Security Update : clamav (openSUSE-SU-2014:1560-1)
clamav was updated to version 0.98.5 to fix two security issues. These security issues were fixed : - Segmentation fault when processing certain files CVE-2013-6497. - Heap-based buffer overflow when scanning crypted PE files CVE-2014-9050. The following non-security issues were fixed : - Support...
openSUSE: Security Advisory for clamav (openSUSE-SU-2014:1560-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for clamav (important)
clamav was updated to version 0.98.5 to fix two security issues. These security issues were fixed: - Segmentation fault when processing certain files CVE-2013-6497. - Heap-based buffer overflow when scanning crypted PE files CVE-2014-9050. The following non-security issues were fixed: - Support f...
Fedora 19 : clamav-0.98.5-1.fc19 (2014-15463)
ClamAV 0.98.5 ============= ClamAV 0.98.5 also includes these new features and bug fixes : - Support for the XDP file format and extracting, decoding, and scanning PDF files within XDP files. Addition of shared library support for LLVM versions 3.1 - 3.5 for the purpose of just-in-timeJIT...
OracleVM 3.3 : nss (OVMSA-2014-0014)
The remote OracleVM system is missing necessary patches to address critical security updates : - Added nss-vendor.patch to change vendor - Update some patches on account of the rebase - Resolves: Bug 1099619 - Backport nss-3.12.6 upstream fix required by Firefox 31 - Resolves: Bug 1099619 - Remov...
OracleVM 3.3 : openssl (OVMSA-2014-0032) (Heartbleed) (POODLE)
The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV to partially mitigate CVE-2014-3566 padding attack on SS...
OracleVM 3.3 : nss (OVMSA-2014-0023)
The remote OracleVM system is missing necessary patches to address critical security updates : nss - Added nss-vendor.patch to change vendor - Replace expired PayPal test certificate that breaks the build - Resolves: Bug 1145431 - CVE-2014-1568 - Resolves: Bug 1145431 - CVE-2014-1568 - Removed...
OracleVM 2.2 : openssl (OVMSA-2014-0007)
The remote OracleVM system is missing necessary patches to address critical security updates : - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability - replace expired GlobalSign Root CA certificate in ca-bundle.crt - fix for CVE-2013-0169 - SSL/TLS CBC timing attack 907589 - fix for CVE-2013-0166 ...
Fedora 20 : clamav-0.98.5-1.fc20 (2014-15473)
ClamAV 0.98.5 ============= ClamAV 0.98.5 also includes these new features and bug fixes : - Support for the XDP file format and extracting, decoding, and scanning PDF files within XDP files. Addition of shared library support for LLVM versions 3.1 - 3.5 for the purpose of just-in-timeJIT...
CentOS 6 : openssh (CESA-2014:1552)
Updated openssh packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Scientific Linux Security Update : openssh on SL6.x i386/x86_64 (20141014)
It was discovered that OpenSSH clients did not correctly verify DNS SSHFP records. A malicious server could use this flaw to force a connecting client to skip the DNS SSHFP record check and require the user to perform manual host verification of the DNS SSHFP record. CVE-2014-2653 It was found th...
openssl security update
1.0.1e-30.2 - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV to partially mitigate CVE-2014-3566 padding attack on SSL3 1.0.1e-30 - add ECC TLS extensions to DTLS 1119800 1.0.1e-29 - fix CVE-2014-3505...
openssh security, bug fix, and enhancement update
5.3p1-104 - ignore SIGXFSZ in postauth monitor child 1133906 5.3p1-103 - don't try to generate DSA keys in the init script in FIPS mode 1118735 5.3p1-102 - ignore SIGPIPE in ssh-keyscan 1108836 5.3p1-101 - ssh-add: fix fatal exit when removing card 1042519 5.3p1-100 - fix race in backported...
RedHat Update for openssh RHSA-2014:1552-02
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-3566 - Citrix Security Advisory for SSLv3 Protocol Flaw
Description of Problem The recently disclosed protocol flaw in SSLv3, referred to as CVE-2014-3566 or POODLE, could expose some deployments that support SSLv3 to a risk of an active Man in the Middle MITM attack. A successful attack could lead to the disclosure of the information that is being se...
RHEL 6 : openssh (RHSA-2014:1552)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1552 advisory. OpenSSH is OpenBSD's SSH Secure Shell protocol implementation. These packages include the core files necessary for both the OpenSSH client a...
F5 Networks BIG-IP : SSL acceleration card timing vulnerability (K15500)
SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer SSL accelerator cards, might allow remote attackers to have...
SuSE 11.3 Security Update : openssh (SAT Patch Number 9357)
This update for OpenSSH fixes the following issues : - Exit sshd normally when port is already in use. bnc832628 - Use hardware crypto engines where available. bnc826427 - Use correct options for login when it is used. bnc833605 - Move FIPS messages to higher debug level. bnc862875 - Fix forwardi...
SuSE 11.3 Security Update : openssh (SAT Patch Number 9357)
This update for OpenSSH fixes the following issues : - Exit sshd normally when port is already in use. bnc832628 - Use hardware crypto engines where available. bnc826427 - Use correct options for login when it is used. bnc833605 - Move FIPS messages to higher debug level. bnc862875 - Fix forwardi...
openSUSE Security Update : openssl (openSUSE-SU-2013:0337-1)
openssl was updated to 1.0.1e, fixing bugs and security issues : o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version. o Include the fips configuration module. o Fix OCSP bad key DoS attack CVE-2013-0166 bnc802746 o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169...