CLSA-2026-1777999127 Fix CVE(s): CVE-2026-28387, CVE-2026-28388, CVE-2026-28389, CVE-2026-28390

SECURITY UPDATE: fix UAF/double-free in DANE client by using X509free for dane-mcert - debian/patches/CVE-2026-28387.patch: fix UAF/double-free in DANE client by using X509free for dane-mcert - CVE-2026-28387 SECURITY UPDATE: NULL check delta-crlnumber before ASN1INTEGERcmp in checkdeltabase -...

libcrux-kem (>=0.0.2 <=0.0.2-beta.3), libcrux-psq (=0.0.2-beta.3) potentially affected by unknown CVE via libcrux-ecdh (>=0.0.2-beta.3 <=0.0.2)

libcrux-ecdh CARGO version =0.0.2-beta.3, =0.0.2, =0.0.2-beta.3 - libcrux-psq =0.0.2-beta.3 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0023...

SUSE: Security Advisory (SUSE-SU-2014:1104-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:2988-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for gnutls (openSUSE-SU-2020:1743-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : gnutls (openSUSE-2020-1724)

This update for gnutls fixes the following issues : - Fix heap buffer overflow in handshake with norenegotiation alert sent CVE-2020-24659 bsc1176181 - FIPS: Implement ECDH requirements from SP800-56Arev3 bsc1176086 - FIPS: Use 2048 bit prime in DH selftest bsc1176086 - FIPS: Add TLS KDF selftest...

Information Disclosure

OpenSSL is vulnerable to information disclosure. The library contains a carry propagation bug that can allow a malicious user to gain information on the curve used for encryption during key negotiation using the Elliptic Curve Diffie-Hellman EC-DH Cipher...

Vulnerability in OpenSSL - OpenSSL DTLS anonymous EC(DH) denial of service

A flaw in handling DTLS anonymous ECDH ciphersuites was found. OpenSSL DTLS clients enabling anonymous ECDH ciphersuites are subject to a denial of service attack. A malicious server can crash the client with a null pointer dereference read by specifying an anonymous ECDH ciphersuite and sending...