27 matches found
CVE-2025-22869
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...
CVE-2024-45337
Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...
Debian: Security Advisory (DLA-3455-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3455-1] golang-go.crypto security update
Debian LTS Advisory DLA-3455-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 16, 2023 https://wiki.debian.org/LTS Package : golang-go.crypto Version : 1:0.0git20181203.505ab14-1+deb10u1 CVE ID : CVE-2019-11840 CVE-2019-11841 CVE-2020-9283 Debian Bug : 95246...
Debian dla-3455 : golang-golang-x-crypto-dev - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3455 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3455-1 [email protected]...
Debian DLA-2527-1 : snapd security update
golang-go.crypto was recently updated with a fix for CVE-2019-11840. This in turn requires all packages that use the affected code to be recompiled in order to pick up the security fix. CVE-2019-11840 An issue was discovered in supplementary Go cryptography libraries, aka...
Debian: Security Advisory (DLA-2527-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2527-1] snapd security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2527-1 [email protected] https://www.debian.org/lts/security/ Brian May January 18, 2021 https://wiki.debian.org/LTS -...
Debian: Security Advisory (DLA-2454-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2454-1 : rclone security update
golang-go.crypto was recently updated with a fix for CVE-2019-11840. This in turn requires all packages that use the affected code to be recompiled in order to pick up the security fix. CVE-2019-11840 An issue was discovered in supplementary Go cryptography libraries, aka...
Debian DLA-2455-1 : packer security update
golang-go.crypto was recently updated with a fix for CVE-2020-9283. This in turn requires all packages that use the affected code to be recompiled in order to pick up the security fix. CVE-2020-9283 SSH signature verification could cause Panic when given invalid Public key. For Debian 9 stretch,...
[SECURITY] [DLA 2455-1] packer security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2455-1 [email protected] https://www.debian.org/lts/security/ Brian May November 19, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2454-1] rclone security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2454-1 [email protected] https://www.debian.org/lts/security/ Brian May November 19, 2020 https://wiki.debian.org/LTS -...
Debian DLA-2453-1 : restic security update
golang-go.crypto was recently updated with a fix for CVE-2020-9283. This in turn requires all packages that use the affected code to be recompiled in order to pick up the security fix. CVE-2020-9283 SSH signature verification could cause Panic when given invalid Public key. For Debian 9 stretch,...
Debian DLA-2442-1 : obfs4proxy security update
golang-go.crypto was recently updated with a fix for CVE-2019-11840. This in turn requires all packages that use the affected code to be recompiled in order to pick up the security fix. CVE-2019-11840 An issue was discovered in supplementary Go cryptography libraries, aka...
[SECURITY] [DLA 2442-1] obfs4proxy security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2442-1 [email protected] https://www.debian.org/lts/security/ Brian May November 10, 2020 https://wiki.debian.org/LTS -...
Debian: Security Advisory (DLA-2402-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2402-1 : golang-go.crypto security update
CVE-2019-11840 An issue was discovered in supplementary Go cryptography libraries, aka golang-googlecode-go-crypto. If more than 256 GiB of keystream is generated, or if the counter otherwise grows greater than 32 bits, the amd64 implementation will first generate incorrect output, and then cycle...
[SECURITY] [DLA 2402-1] golang-go.crypto security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2402-1 [email protected] https://www.debian.org/lts/security/ Brian May October 08, 2020 https://wiki.debian.org/LTS -...
Debian DLA-1920-1 : golang-go.crypto security update
This package ignored the value of the Hash header, which allows an attacker to spoof it. An attacker can not only embed arbitrary Armor Headers, but also prepend arbitrary text to cleartext messages without invalidating the signatures. For Debian 8 'Jessie', this problem has been fixed in version...