Security Bulletin: Multiple vulnerabilities in Bouncy Castle Java Cryptography affect IBM Tivoli Business Manager

Summary Bouncy Castle Java Cryptography is shipped as part of IBM Tivoli Business Manager 6.2.0. Information about security vulnerabilities affecting Bouncy Castle Java Cryptography has been published in a security bulletin. Vulnerability Details CVEID: CVE-2018-5382 DESCRIPTION: Bouncy Castle...

SUSE SLED15 / SLES15 Security Update : openssl-1_0_0 (SUSE-SU-2019:2561-1)

This update for openssl-100 fixes the following issues : OpenSSL Security Advisory 10 September 2019 CVE-2019-1547: Added ECGROUPsetgenerator side channel attack avoidance. bsc1150003 CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key bsc1150250 In addition...

openSUSE Security Update : openssl-1_0_0 (openSUSE-2019-2269)

This update for openssl-100 fixes the following issues : OpenSSL Security Advisory 10 September 2019 - CVE-2019-1547: Added ECGROUPsetgenerator side channel attack avoidance. bsc1150003 - CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key bsc1150250 In additio...

OPENSUSE-SU-2019:2269-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: OpenSSL Security Advisory 10 September 2019 CVE-2019-1547: Added ECGROUPsetgenerator side channel attack avoidance. bsc1150003 CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key bsc1150250 In addition fix...

SUSE SLED12 / SLES12 Security Update : openssl-1_0_0 (SUSE-SU-2019:2504-1)

This update for openssl-100 fixes the following issues : OpenSSL Security Advisory 10 September 2019 CVE-2019-1547: Added ECGROUPsetgenerator side channel attack avoidance. bsc1150003 CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key bsc1150250 In addition...

SUSE-SU-2019:2504-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: OpenSSL Security Advisory 10 September 2019 CVE-2019-1547: Added ECGROUPsetgenerator side channel attack avoidance. bsc1150003 CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key bsc1150250 In addition fix...

Invalid Curve Attack

github.com/dvsekhvalnov/jose2go is vulnerable to invalid curve attacks. These attacks are possible when using key agreement with Elliptic Curve Diffie-Hellman Ephemeral Static ECDH-ES, allowing attackers to recover the private secret key...