8 matches found
Fedora 28 : dislocker / dolphin-emu / mbedtls / nekovm (2018-5d6e80ab82)
Update to 2.13.0 - CVE-2018-0497 Release notes: https://tls.mbed.org/tech-updates/releases/mbedtls-2.13.0-2.7.6-and-2. 1.15-released Security Advisory: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security -advisory-2018-02 Note that Tenable Network Security has extracted the...
Fedora 29 : dislocker / dolphin-emu / julia / mbedtls / nekovm / nng (2018-c6b5117772)
Update to 2.13.0 - CVE-2018-0497 Release notes: https://tls.mbed.org/tech-updates/releases/mbedtls-2.13.0-2.7.6-and-2. 1.15-released Security Advisory: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security -advisory-2018-02 ---- Make package installable again by fixing Requires...
Fedora Update for nekovm FEDORA-2018-5d6e80ab82
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1518-1] polarssl security update
Package : polarssl Version : 1.3.9-2.1+deb8u4 CVE ID : CVE-2013-0169 CVE-2018-0497 CVE-2018-0498 CVE-2018-9988 CVE-2018-9989 Debian Bug : Two vulnerabilities were discovered in polarssl, a lightweight crypto and SSL/TLS library nowadays continued under the name mbedtls which could result in plain...
Debian DSA-4296-1 : mbedtls - security update
Two vulnerabilities were discovered in mbedtls, a lightweight crypto and SSL/TLS library which could result in plain text recovery via side-channel attacks. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-429...
[SECURITY] [DSA 4296-1] mbedtls security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4296-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 16, 2018 https://www.debian.org/security/faq -...
CVE-2018-0497
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery for a CBC based ciphersuite via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix with a wrong SHA-384 calculation for CVE-2013-0169...
CVE-2018-0497
CVE-2018-0497 affects ARM mbed TLS prior to 2.12.0, prior to 2.7.5, and prior to 2.1.14. It enables remote partial plaintext recovery in CBC-based ciphersuites via a timing-based side-channel attack. The issue stems from an incorrect fix for CVE-2013-0169, specifically a wrong SHA-384 calculation...