MiracleLinux 9 : openssl-3.0.1-41.el9 (AXSA:2022-3964:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3964:07 advisory. openssl: crehash script allows command injection CVE-2022-1292 openssl: Signer certificate verification returns inaccurate response when using...

RHEL 9 : openssl (RHSA-2022:6224)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6224 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

openssl security update

1:1.1.1k-7 - Fix CVE-2022-2097: AES OCB fails to encrypt some bytes on 32-bit x86 Resolves: CVE-2022-2097 - Update expired certificates used in the testsuite Resolves: rhbz2100554 - Fix CVE-2022-1292: openssl: crehash script allows command injection Resolves: rhbz2090371 - Fix CVE-2022-2068: the...

Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: crehash script allows command injection CVE-2022-1292 openssl: the crehash script allows command...

Information Disclosure

openssl is vulnerable to information disclosure. The vulnerability exists due to a failed AES OCB encryption which allows an attacker to gain access to sensitive information...