8 matches found
openSUSE Security Update : tryton (openSUSE-2018-1588)
This update for tryton to version 4.2.19 fixes the following issues : Security issue fixed : - CVE-2018-19443: Fixed an information leakage by attemping to initiate an unencrypted connection, which would fail eventually, but might leak session information of the user boo1117105 This update also...
openSUSE Security Update : tryton (openSUSE-2018-1587)
This update for tryton to version 4.2.19 fixes the following issues boo1107771 : Security issue fixed : - CVE-2018-19443: Fixed an information leakage by attemping to initiate an unencrypted connection, which would fail eventually, but might leak session information of the user boo1117105 This...
openSUSE: Security Advisory for tryton (openSUSE-SU-2018:4242-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for tryton (openSUSE-SU-2018:4248-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for tryton (moderate)
This update for tryton to version 4.2.19 fixes the following issues boo1107771: Security issue fixed: - CVE-2018-19443: Fixed an information leakage by attemping to initiate an unencrypted connection, which would fail eventually, but might leak session information of the user boo1117105 This upda...
Security update for tryton (moderate)
This update for tryton to version 4.2.19 fixes the following issues: Security issue fixed: - CVE-2018-19443: Fixed an information leakage by attemping to initiate an unencrypted connection, which would fail eventually, but might leak session information of the user boo1117105 This update also...
CVE-2018-19443
The client in Tryton 5.x before 5.0.1 tries to make a connection to the bus in cleartext instead of encrypted under certain circumstances in bus.py and jsonrpc.py. This connection attempt fails, but it contains in the header the current session of the user. This session could then be stolen by a...
CVE-2018-19443
CVE-2018-19443 affects Tryton: the client in Tryton 5.x before 5.0.1 can initiate a cleartext bus connection under certain conditions; the header may carry the user session, enabling MITM session leakage. Connected sources confirm the issue and indicate security updates across distributions (e.g....