37 matches found
edk2 security update
Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...
edk2 security update
20230821 - Create new 20230821 release for OL9 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
edk2 security update
20230821 - Create new 20230821 release for OL7 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
Oracle Linux 8 : openssl (ELSA-2019-3700)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3700 advisory. 1.1.1c-2 - do not try to use EC groups disallowed in FIPS mode in TLS - fix Valgrind regression with constant-time code 1.1.1c-1 - update to the 1.1.1c...
SUSE CVE-2019-1543
ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value IV should be 96 bits 12 bytes. OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also...
SUSE: Security Advisory (SUSE-SU-2019:0678-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0787-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openssl110f (EulerOS-SA-2019-1328)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openssl110f (EulerOS-SA-2019-1327)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openssl110h (EulerOS-SA-2019-1890)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 8 : openssl (RHSA-2019:3700)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3700 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...
Security Bulletin: Security Vulnerabilities affect IBM Cloud Private for Data - OpenSSL (CVE-2019-1543), Kubernetes (CVE-2019-1002100, CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518)
Summary Security Vulnerabilities affect IBM Cloud Private for Data - OpenSSL CVE-2019-1543, Kubernetes CVE-2019-1002100, Kubernetes CVE-2019-9511, Kubernetes CVE-2019-9512, Kubernetes CVE-2019-9513, Kubernetes CVE-2019-9514, Kubernetes CVE-2019-9515, Kubernetes CVE-2019-9516, Kubernetes...
Oracle MySQL Server 5.3 <= 5.3.13 / 8.0 <= 8.0.17 Security Update (cpuoct2019) - Windows
Oracle MySQL Server is prone to a vulnerability. This VT has been deprecated because it doesn SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only i...
Oracle MySQL Server 5.3 <= 5.3.13 / 8.0 <= 8.0.17 Security Update (cpuoct2019) - Linux
Oracle MySQL Server is prone to a vulnerability. This VT has been deprecated because it doesn SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only i...
Fedora 29 : 1:compat-openssl10 (2019-9a0a7c0986)
Patch for CVE-2018-0737, CVE-2018-0732, CVE-2018-0734, CVE-2019-1552, CVE-2019-1559. https://www.openssl.org/news/vulnerabilities.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...
Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1d-alt1
Sept. 19, 2019 Gleb Fotengauer-Malinovskiy 1.1.1d-alt1 - Updated to 1.1.1d fixes CVE-2019-1543, CVE-2019-1549, CVE-2019-1563, CVE-2019-1547, CVE-2019-1552. - Changed License: tag to SPDX identifier of actual openssl license...
Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1d-alt1
Sept. 19, 2019 Gleb Fotengauer-Malinovskiy 1.1.1d-alt1 - Updated to 1.1.1d fixes CVE-2019-1543, CVE-2019-1549, CVE-2019-1563, CVE-2019-1547, CVE-2019-1552. - Changed License: tag to SPDX identifier of actual openssl license...
EulerOS 2.0 SP5 : openssl110h (EulerOS-SA-2019-1890)
According to the versions of the openssl110h packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce...
openSUSE Security Update : virtualbox (openSUSE-2019-1814)
This update for virtualbox to version 6.0.10 fixes the following issues : Security issues fixed : - CVE-2019-2859 CVE-2019-2867 CVE-2019-2866 CVE-2019-2864 CVE-2019-2865 CVE-2019-1543 CVE-2019-2863 CVE-2019-2848 CVE-2019-2877 CVE-2019-2873 CVE-2019-2874 CVE-2019-2875 CVE-2019-2876 CVE-2019-2850...
openSUSE: Security Advisory for virtualbox (openSUSE-SU-2019:1814-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...