SUSE: Security Advisory (SUSE-SU-2019:0113-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:2914-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:3606-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:0303-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Incorrect Signature Verification

nettle uses incorrect signature verification. Some flaws in Several Nettle signature verification functions GOST DSA, EDDSA & ECDSA allows an attacker to force an invalid signature, causing an assertion failure or possible validation...

openSUSE: Security Advisory for flatpak, (openSUSE-SU-2021:0520-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for openldap2 (openSUSE-SU-2021:0408-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

EulerOS Virtualization 2.9.0 : openldap (EulerOS-SA-2021-1753)

According to the versions of the openldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateChec...

EulerOS Virtualization 2.9.1 : bind (EulerOS-SA-2021-1725)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in bind when an asterisk character is present in an empty non-terminal location within the DNS graph. This flaw...

EulerOS Virtualization 2.9.1 : openldap (EulerOS-SA-2021-1719)

According to the versions of the openldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateChec...

Oracle Linux 7 : qemu (ELSA-2021-9109)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9109 advisory. - 9pfs: Fully restart unreclaim loop CVE-2021-20181 Greg Kurz Orabug: 32441198 CVE-2021-20181 - ide: atapi: check logical block address and read size...

Oracle Linux 7 : qemu (ELSA-2021-9104)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9104 advisory. - 9pfs: Fully restart unreclaim loop CVE-2021-20181 Greg Kurz Orabug: 32441198 CVE-2021-20181 - ide: atapi: check logical block address and read size...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2021-1739)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2021-1719)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

A flaw was found in Nettle in versions before 3.7.2 where several Nettle signature verification functions (GOST DSA EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality integrity as well as system availability.

...

openSUSE Security Update : flatpak / libostree / xdg-desktop-portal / etc (openSUSE-2021-520)

This update for flatpak, libostree, xdg-desktop-portal, xdg-desktop-portal-gtk fixes the following issues : libostree : Update to version 2020.8 - Enable LTO. bsc1133120 - This update contains scalability improvements and bugfixes. - Caching-related HTTP headers are now supported on summaries and...

SUSE SLED15 / SLES15 Security Update : flatpak, libostree, xdg-desktop-portal, xdg-desktop-portal-gtk (SUSE-SU-2021:1094-1)

This update for flatpak, libostree, xdg-desktop-portal, xdg-desktop-portal-gtk fixes the following issues : libostree : Update to version 2020.8 Enable LTO. bsc1133120 This update contains scalability improvements and bugfixes. Caching-related HTTP headers are now supported on summaries and...

OESA-2021-1119 openldap security update

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

CVE-2021-20305

A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions GOST DSA, EDDSA & ECDSA result in the Elliptic Curve Cryptography point ECC multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allow...

Design/Logic Flaw

A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions GOST DSA, EDDSA & ECDSA result in the Elliptic Curve Cryptography point ECC multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allow...