19 matches found
openssl-ibmca bug fix and enhancement update
An update is available for openssl-ibmca. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linu...
Ubuntu: Security Advisory (USN-6046-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6046-1: OpenSSL-ibmca vulnerabilities
It was discovered that OpenSSL-ibmca incorrectly handled certain RSA decryption. An attacker could possibly use this issue to expose sensitive information...
USN-6046-1 openssl-ibmca vulnerabilities
It was discovered that OpenSSL-ibmca incorrectly handled certain RSA decryption. An attacker could possibly use this issue to expose sensitive information...
SUSE: Security Advisory (SUSE-SU-2023:2047-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 / openSUSE 15 Security Update : openssl-ibmca (SUSE-SU-2023:2046-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2046-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : OpenSSL-ibmca vulnerabilities (USN-6046-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6046-1 advisory. It was discovered that OpenSSL-ibmca incorrectly handled certain RSA decryption. An attacker could possibly use this issue to...
SUSE SLES12 Security Update : openssl-ibmca (SUSE-SU-2023:2047-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2047-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...
PT-2023-36307 · Unknown · Openssl-Ibmca
Name of the Vulnerable Software and Affected Versions: OpenSSL-ibmca affected versions not specified Description: It was discovered that OpenSSL-ibmca incorrectly handled certain RSA decryption, which could allow an attacker to expose sensitive information. Recommendations: At the moment, there i...
SUSE-SU-2023:2047-1 Security update for openssl-ibmca
This update for openssl-ibmca fixes the following issues: - Fixed a timing-based side channel attack in RSA in the IBMCA engine openssl-ibmca...
SUSE-SU-2023:2046-1 Security update for openssl-ibmca
This update for openssl-ibmca fixes the following issues: Upgraded openssl-ibmca to version 2.4.0 bsc1210058 - Provider: Adjustments for OpenSSL versions 3.1 and 3.2 - Provider: Support RSA blinding - Provider: Constant-time fixes for RSA PKCS1 v1.5 and OAEP padding - Provider: Support 'implicit...
PT-2023-36151 · Openssl +1 · Openssl +1
Name of the Vulnerable Software and Affected Versions: openssl-ibmca versions prior to 2.4.0 Description: The issue concerns adjustments and fixes for OpenSSL versions 3.1 and 3.2, including support for RSA blinding, constant-time fixes for RSA PKCS1 v1.5 and OAEP padding, and support for 'implic...
PT-2023-36152 · Ibm · Openssl-Ibmca
Name of the Vulnerable Software and Affected Versions: openssl-ibmca affected versions not specified Description: The issue is related to a timing-based side channel attack in RSA within the IBMCA engine of openssl-ibmca. Recommendations: At the moment, there is no information about a newer versi...
openssl-ibmca bug fix and enhancement update
An update is available for openssl-ibmca. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The openssl-ibmca package provides a dynamic OpenSSL engine for the IBM...
ALSA-2023:0946 Moderate: openssl security and bug fix update
OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: read buffer overflow in X.509 certificate verification CVE-2022-4203 openssl: timing attack in RS...
openssl-ibmca bug fix and enhancement update
An update is available for openssl-ibmca. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linu...
openssl-ibmca bug fix update
An update is available for openssl-ibmca. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The openssl-ibmca package provides a dynamic OpenSSL engine for the IBM...
OracleVM 3.3 / 3.4 : openssh (OVMSA-2017-0053)
The remote OracleVM system is missing necessary patches to address critical security updates : - Allow to use ibmca crypto hardware 1397547 - CVE-2015-8325: privilege escalation via user's PAM environment and UseLogin=yes 1405374 - Fix missing hmac-md5-96 from server offer 1373836 - Prevent...
openssh security and bug fix update
5.3p1-122 - Allow to use ibmca crypto hardware 1397547 - CVE-2015-8325: privilege escalation via user's PAM environment and UseLogin=yes 1405374 5.3p1-121 - Fix missing hmac-md5-96 from server offer 1373836 5.3p1-120 - Prevent infinite loop when Ctrl+Z pressed at password prompt 1218424 - Remove...