OESA-2025-2485 openssl security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read an...

CLSA-2025-1760712798 openssl: Fix of CVE-2025-9230

CVE-2025-9230: fix Out-of-bounds read & write in RFC 3211 KEK Unwrap...

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2025-9230: fixed out of bounds read and write in RFC 3211 KEK unwrap bsc1250232 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...

SUSE-SU-2025:03635-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2025-9230: fixed out of bounds read and write in RFC 3211 KEK unwrap bsc1250232...

Security update for openssl-1_1-livepatches

This update for openssl-11-livepatches fixes the following issues: Add livepatch for CVE-2025-9230 bsc1250410. Use strong externalization for ssl3setupreadbuffer and ssl3releasereadbuffer Use strong externalization for osslstatemfatal. Add livepatch for CVE-2024-4741 bsc1225552. Drop trigger rule...

SUSE-SU-2025:03632-1 Security update for openssl-1_1-livepatches

This update for openssl-11-livepatches fixes the following issues: - Add livepatch for CVE-2025-9230 bsc1250410. - Use strong externalization for ssl3setupreadbuffer and ssl3releasereadbuffer - Use strong externalization for osslstatemfatal. - Add livepatch for CVE-2024-4741 bsc1225552. - Drop...

Security update for openssl1

This update for openssl1 fixes the following issues: CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...

CLSA-2025-1760559298 openssl: Fix of CVE-2018-0734

CVE-2018-0734: fix timing side channel attack in DSA signature algorithm...

openssl: Fix of CVE-2018-0734

CVE-2018-0734: fix timing side channel attack in DSA signature algorithm...

CLSA-2025-1760556795 openssl: Fix of CVE-2018-0734

CVE-2018-0734: fix timing side channel attack in DSA signature algorithm...

Amazon Linux 2 : openssl11, --advisory ALAS2-2025-3033 (ALAS-2025-3033)

The version of openssl11 installed on the remote host is prior to 1.1.1zd-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3033 advisory. Issue summary: An application trying to decrypt CMS messages encrypted usingpassword based encryption can trigger an...

Amazon Linux 2 : edk2, --advisory ALAS2-2025-3022 (ALAS-2025-3022)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3022 advisory. Issue summary: An application trying to decrypt CMS messages encrypted usingpassword based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a cra...

Amazon Linux 2 : openssl, --advisory ALAS2-2025-3034 (ALAS-2025-3034)

The version of openssl installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3034 advisory. Issue summary: An application trying to decrypt CMS messages encrypted usingpassword based encryption can trigger an out-of-bound...

Amazon Linux 2 : openssl-snapsafe, --advisory ALAS2OPENSSL-SNAPSAFE-2025-008 (ALASOPENSSL-SNAPSAFE-2025-008)

The version of openssl-snapsafe installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by a vulnerability as referenced in the ALAS2OPENSSL-SNAPSAFE-2025-008 advisory. Issue summary: An application trying to decrypt CMS messages encrypted usingpassword based encryption can...

Security update for rust-keylime

This update for rust-keylime fixes the following issues: CVE-2025-55159: slab: incorrect bounds check in getdisjointmut function can lead to undefined behavior or potential crash due to out-of-bounds access bsc1248006 CVE-2025-3416: openssl: Use-After-Free in Md::fetch and Cipher::fetch in...

BIT-PYTHON-MIN-2024-5642 Buffer overread when using an empty list with SSLContext.set_npn_protocols()

CPython 3.9 and earlier doesn't disallow configuring an empty list "" for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due to NPN being...

BIT-PYTHON-2024-5642 Buffer overread when using an empty list with SSLContext.set_npn_protocols()

CPython 3.9 and earlier doesn't disallow configuring an empty list "" for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due to NPN being...

BIT-LIBPYTHON-2024-5642 Buffer overread when using an empty list with SSLContext.set_npn_protocols()

CPython 3.9 and earlier doesn't disallow configuring an empty list "" for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due to NPN being...

Medium: openssl11

Issue Overview: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds...

SUSE SLED15 / SLES15 Security Update : openssl-3 (SUSE-SU-2025:03546-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03546-1 advisory. - CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232. Tenable has extracted the precedi...