EulerOS 2.0 SP5 : openssl (EulerOS-SA-2019-1009)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries CVE-2018-0495 - openssl: Malicious server can send large prime to...

Scientific Linux Security Update : openssl on SL7.x x86_64 (20181030)

Security Fixes : - openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries CVE-2018-0495 - openssl: Malicious server can send large prime to client during DHE TLS handshake causing the client to hang CVE-2018-0732 - openssl: Handling of crafted recursive ASN.1 structures can cau...

RHEL 7 : openssl (RHSA-2018:3221)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3221 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

[slackware-security] openssl

New openssl packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/openssl-1.0.2p-i586-1slack14.2.txz: Upgraded. This update fixes two low severity security issues: Client DoS due to large DH paramete...

FreeBSD : OpenSSL -- Cache timing vulnerability (8f353420-4197-11e8-8777-b499baebfeaf)

The OpenSSL project reports : The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. C Tenable Network...