23 matches found
SUSE SLED15 / SLES15 Security Update : python-cryptography (SUSE-SU-2026:3026-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:3026-1 advisory. This update for python-cryptography fixes the following issues - CVE-2026-41676: openssl: Deriver:derive and...
SUSE SLES16 Security Update : rust-keylime (SUSE-SU-2026:22583-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22583-1 advisory. Update to version 0.2.9+49. Security issues fixed: - CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow...
Security update for afterburn
This update for afterburn fixes the following issues: Update to version 5.10.0.git73.b97f772. Security issues fixed: CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270175. CVE-2026-41677: openssl: out-of-bounds read in PEM password...
SUSE-SU-2026:2975-1 Security update for afterburn
This update for afterburn fixes the following issues Update to version 5.10.0.git73.b97f772. Security issues fixed: - CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270175. - CVE-2026-41677: openssl: out-of-bounds read in PEM password...
Security update for rust-keylime (important)
openSUSE security update: security update for rust-keylime ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21274-1 Rating: important References: bsc1260596 bsc1270174 bsc1270523 bsc1270614 bsc1270699 bsc1270792 bsc1270842 bsc1270903 bsc1270999...
SUSE SLES12: clamav / clamav-devel / clamav-docs-html / clamav-milter / etc (SUSE-SU-2026:2833-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2833-1 advisory. This update for clamav fixes the following issues - CVE-2026-20213: PE file format parser could allow an unauthenticated, remote attacker to...
SUSE-SU-2026:2834-1 Security update for clamav
This update for clamav fixes the following issues - CVE-2026-20213: PE file format parser could allow an unauthenticated, remote attacker to cause a denial of service bsc1270107. - CVE-2026-20214: FSG file format parser could allow an unauthenticated, remote attacker to cause a denial of service...
SUSE-SU-2026:2831-1 Security update for rustup
This update for rustup fixes the following issues Security issues: - CVE-2024-12224: idna: idna accepts Punycode labels that do not produce any non-ASCII when decoded bsc1243862. - CVE-2025-58160: tracing-subscriber: Tracing log pollution bsc1249008. - CVE-2026-25727: time: parsing of user-provid...
SUSE-SU-2026:2826-1 Security update for rust-keylime
This update for rust-keylime fixes the following issues - Update to version 0.2.9+49 - Update openssl to 0.10.81 - CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270174. - CVE-2026-41677: openssl: out-of-bounds read in PEM password...
OPENSUSE-SU-2026:21274-1 Security update for rust-keylime
This update for rust-keylime fixes the following issues: Update to version 0.2.9+49. Security issues fixed: - CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270174. - CVE-2026-41677: openssl: out-of-bounds read in PEM password callbac...
SUSE SLED15: cryptsetup / cryptsetup-doc / cryptsetup-lang / cryptsetup-ssh / etc (SUSE-SU-2026:2777-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2777-1 advisory. This update for cryptsetup, s390-tools fixes the following issue Security fixes: - CVE-2026-41676: openssl:...
SUSE CVE-2026-41676
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...
Amazon Linux 2023 : clamav1.5, clamav1.5-data, clamav1.5-devel (ALAS2023-2026-1870)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1870 advisory. rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out...
Security Bulletin: IBM Edge Data Collector uses openssl-0.10.76.crate which is vulnerable to CVE-2026-41676, CVE-2026-41677, CVE-2026-41678, CVE-2026-41681
Summary IBM Edge Data Collector Component uses openssl-0.10.76.crate which is vulnerable to CVE-2026-41676, CVE-2026-41677, CVE-2026-41678, CVE-2026-41681. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-41676 DESCRIPTION: rust-openssl provide...
Fedora 44 : rust-coreos-installer (2026-eeb94c0e5e)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-eeb94c0e5e advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...
Fedora 43 : rust-oo7-cli (2026-9695dd338f)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9695dd338f advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...
Fedora 44 : rust-rpki (2026-aac0adf7f7)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-aac0adf7f7 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...
Fedora 44 : rust-oo7-cli (2026-8e53f4aa95)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-8e53f4aa95 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...
CVE-2026-41676
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...
CVE-2026-41676
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...