Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues. We have performed updates to the Operators used by our Speech Services. The following vulnerabilities have been addressed in this update. Please read the details for...

OPENSUSE-SU-2024:13806-1 gnutls-3.8.4-1.1 on GA media

These are all security issues fixed in the gnutls-3.8.4-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13444-1 gnutls-3.8.2-1.1 on GA media

These are all security issues fixed in the gnutls-3.8.2-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:12233-1 gnutls-3.7.7-1.1 on GA media

These are all security issues fixed in the gnutls-3.7.7-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13593-1 gnutls-3.8.3-1.1 on GA media

These are all security issues fixed in the gnutls-3.8.3-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:10801-1 gnutls-3.7.2-1.2 on GA media

These are all security issues fixed in the gnutls-3.7.2-1.2 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:12699-1 gnutls-3.7.9-1.2 on GA media

These are all security issues fixed in the gnutls-3.7.9-1.2 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:10105-1 gnutls-3.4.15-1.1 on GA media

These are all security issues fixed in the gnutls-3.4.15-1.1 package on the GA media of openSUSE Tumbleweed...

SUSE: Security Advisory (SUSE-SU-2024:1271-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : gnutls (SUSE-SU-2024:1271-2)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1271-2 advisory. - CVE-2024-28834: Fixed side-channel in the deterministic ECDSA bsc1221746 - CVE-2024-28835: Fixed denial of service during...

SUSE-SU-2024:1271-2 Security update for gnutls

This update for gnutls fixes the following issues: - CVE-2024-28834: Fixed side-channel in the deterministic ECDSA bsc1221746 - CVE-2024-28835: Fixed denial of service during certificate chain verification bsc1221747 Other fixes: - jitterentropy: Release the memory of the entropy collector when...

RHEL 7 : gnutls (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gnutls: certificate algorithm consistency checking issue CVE-2015-0294 - gnutls: use-after-free flaw in C...

RHEL 5 : gnutls (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gnutls: Heap read overflow in read-packet.c CVE-2017-5337 - The TLS protocol 1.2 and earlier, as used in...

RHEL 6 : gnutls (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtasn1: asn1getbitder can return negative bit length CVE-2014-3468 - gnutls: HMAC-SHA-384 vulnerable to...

RHEL 6 : pidgin (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pidgin: Out-of-bounds write in purplemarkupunescapeentity triggered by invalid XML CVE-2017-2640 - Pidgin...

RHEL 8 : gnutls (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - GnuTLS: Null pointer dereference in MDUPDATE CVE-2021-4209 Note that Nessus has not tested for this issue but has...

RHEL 6 : mingw32-gnutls (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gnutls: incorrect handling of V1 intermediate certificates CVE-2009-5138 - gnutls: incorrect error handli...

RHEL 4 : gnutls (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtasn1: asn1getbitder can return negative bit length CVE-2014-3468 - libtasn1: asn1readvaluetype NULL...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1763)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP12 : gnutls (EulerOS-SA-2024-1763)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of...