8 matches found
Security Bulletin: IBM i is affected by errors in OpenSSL as part of IBM Portable Utilities for i due to multiple vulnerabilities.
Summary IBM i is affected by errors in OpenSSL as part of IBM Portable Utilities for i as described in the vulnerability details section CVE-2024-9143, CVE-2023-5678, CVE-2024-5535, CVE-2024-0727, CVE-2023-6129, CVE-2023-6237, CVE-2024-2511, CVE-2024-6119, CVE-2024-4603, CVE-2023-5363,...
Security update for python311
This update for python311 fixes the following issues: Updated to 3.11.12: gh-131809: Updated bundled libexpat to 2.7.1 gh-131261: Upgraded to libexpat 2.7.0 CVE-2025-0938: Fixed functions urllib.parse.urlsplit and urlparse accepting domain names including square brackets bsc1236705 gh-121284: Fix...
SUSE-SU-2023:0673-1 Security update for nodejs16
This update for nodejs16 fixes the following issues: Update to LTS version 16.19.1: - CVE-2023-23918: Fixed permissions policies that could have been bypassed via process.mainModule bsc1208481. - CVE-2023-23919: Fixed OpenSSL error handling issues in nodejs crypto library bsc1208483. -...
UBUNTU-CVE-2023-23919
A cryptographic vulnerability exists in Node.js 19.2.0, 18.14.1, 16.19.1, 14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread...
SUSE CVE-2005-2531
OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial o...
go-toolset:ol8 security update
go-toolset 1.12.12-1 - Update for golang package fixes 1.12.12-1 - Bump version to 1.12.12 golang 1.12.12-4.0.1 - from upstream https://github.com/golang/go/issues/2775 - move arbitrary value 10% to 15% for GC tests, hits 10.48% on our - infrastructure - Resolves failing post build tests Orabug:...
DEBIAN-CVE-2005-2531
OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial o...
DSA-393 openssl - denial of service
Bulletin has no description...