Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-3576: weakness in the MD5 checksum design allows for spoofing of GSSAPI-protected messages that are using RC4-HMAC-MD5 bsc1241219. Krb5 as very old protocol supported quite a number of ciphers that are not longer up to current cryptographi...

SUSE-SU-2025:3698-1 Security update for krb5

This update for krb5 fixes the following issues: - CVE-2025-3576: weakness in the MD5 checksum design allows for spoofing of GSSAPI-protected messages that are using RC4-HMAC-MD5 bsc1241219. Krb5 as very old protocol supported quite a number of ciphers that are not longer up to current...

Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-3576: weakness in the MD5 checksum design allows for spoofing of GSSAPI-protected messages that are using RC4-HMAC-MD5 bsc1241219. Krb5, as a very old protocol, supported quite a number of ciphers that are not longer up to current...

Netscaler SSL (Certificates and Ciphers)

Introduction This article provides a summary of the useful resources about Netscaler SSL Certificates and Ciphers Appendix: Top Knowledge Content Troubleshooting Common Problems CTX124429 - Error: "unable to load PKCS7 object" is Displayed when Converting or Installing a PKCS 7 Certificate on...

openssl: Using a Custom Cipher with NID_undef may lead to NULL encryption

A flaw was found in OpenSSL, where it incorrectly handles legacy custom ciphers passed to the EVPEncryptInitex2, EVPDecryptInitex2 and EVPCipherInitex2 functions as well as other similarly named encryption and decryption initialization functions. Instead of using the custom cipher directly, it...

DEBIAN-CVE-2022-3358

OpenSSL supports creating a custom cipher via the legacy EVPCIPHERmethnew function and associated function calls. This function was deprecated in OpenSSL 3.0 and application authors are instead encouraged to use the new provider mechanism in order to implement custom ciphers. OpenSSL versions 3.0...

ALPINE-CVE-2022-3358

OpenSSL supports creating a custom cipher via the legacy EVPCIPHERmethnew function and associated function calls. This function was deprecated in OpenSSL 3.0 and application authors are instead encouraged to use the new provider mechanism in order to implement custom ciphers. OpenSSL versions 3.0...

UBUNTU-CVE-2022-3358

OpenSSL supports creating a custom cipher via the legacy EVPCIPHERmethnew function and associated function calls. This function was deprecated in OpenSSL 3.0 and application authors are instead encouraged to use the new provider mechanism in order to implement custom ciphers. OpenSSL versions 3.0...

USN-3194-1 openjdk-7 vulnerabilities

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes...