SUSE: Security Advisory (SUSE-SU-2016:2470-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei Data Communication: Sixteen OpenSSL Vulnerabilities on Some Huawei products (huawei-sa-20170322-01-openssl)

Statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Security Bulletin: Vulnerabilities in OpenSSL affect Tivoli Storage FlashCopy Manager VMware (CVE-2016-6303, CVE-2016-2182, CVE-2016-2177, CVE-2016-2183, CVE-2016-6309, CVE-2016-7052, CVE-2016-2178, CVE-2016-6306)

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL used by Tivoli Storage FlashCopy Manager IBM Spectrum Protect Snapshot VMware has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6303 DESCRIPTION: OpenSSL is vulnerabl...

Security Bulletin: Vulnerabilities in OpenSSL affect Tivoli Storage FlashCopy Manager Unix (CVE-2016-6303, CVE-2016-2182, CVE-2016-2177, CVE-2016-2183, CVE-2016-6309, CVE-2016-7052, CVE-2016-2178, CVE-2016-6306)

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL used by Tivoli Storage FlashCopy Manager IBM Spectrum Protect Snapshot Unix has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6303 DESCRIPTION: OpenSSL is vulnerable ...

HP Version Control Repository Manager < 7.6.0 Multiple Vulnerabilities

According to its self-reported version, the HP Version Control Repository Manager VCRM application installed on the remote Windows host is prior to 7.6.0. It is, therefore, affected by multiple vulnerabilities : - A denial of service vulnerability exists in OpenSSL in x509vfy.c due to improper...

Fedora Update for openssl FEDORA-2016-64e0743e16

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for nodejs (openSUSE-SU-2016:2496-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : nodejs (openSUSE-2016-1172)

This update brings the new upstream nodejs LTS version 4.6.0, fixing bugs and security issues : - Nodejs embedded openssl version update + upgrade to 1.0.2j CVE-2016-6304, CVE-2016-2183, CVE-2016-2178, CVE-2016-6306, CVE-2016-7052 + remove support for dynamic 3rd party engine modules - http:...

Fedora 23 : 1:openssl (2016-97454404fe)

Update from upstream with multiple security issues fixed. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

SOL39272405 - OpenSSL vulnerability CVE-2016-7052

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

OpenSSL 1.0.2i < 1.0.2j Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.0.2j. It is, therefore, affected by a vulnerability as referenced in the 1.0.2j advisory. - crypto/x509/x509vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service NULL pointer dereference and application crash...

CVE-2016-7052

OpenSSL 1.0.2i is affected by CVE-2016-7052 due to a missing CRL sanity check, allowing remote denial of service via a CRL operation (NULL pointer dereference and crash). Impact is limited to affected OpenSSL components; multiple advisories confirm OpenSSL 1.0.2i is vulnerable and that upgrading ...

CVE-2016-7052

crypto/x509/x509vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service NULL pointer dereference and application crash by triggering a CRL operation...

[slackware-security] openssl

New openssl packages are available for Slackware 14.2 and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/openssl-1.0.2j-i586-1slack14.2.txz: Upgraded. This update fixes a security issue: Missing CRL sanity check CVE-2016-7052 For more...

Security updates for all active release lines, September 2016

Security updates for all active release lines, September 2016 Update 27-September-2016 Releases available Updates are now available for all active Node.js release lines. These include the recently published versions of OpenSSL 1.0.1 and 1.0.2 as well as fixes for some Node.js-specific...