36 matches found
Critical Photon OS Security Update - PHSA-2026-4.0-0993
Updates of 'openssl' packages of Photon OS have been released...
GHSA-HVC4-MJV4-5MW6 vulnerabilities
Vulnerabilities for packages: openssl-provider-fips-3.1.2, openssl, openssl-provider-fips...
Updated python-cryptography & openssl packages fix security vulnerabilities
Cryptography vulnerable to NULL-dereference when loading PKCS7 certificates. CVE-2023-49083 Python-cryptography: bleichenbacher timing oracle attack against rsa decryption - incomplete fix for cve-2020-25659. CVE-2023-50782 Cryptography NULL pointer deference with pkcs12.serializekeyandcertificat...
MGASA-2025-0069 Updated python-cryptography & openssl packages fix security vulnerabilities
Cryptography vulnerable to NULL-dereference when loading PKCS7 certificates. CVE-2023-49083 Python-cryptography: bleichenbacher timing oracle attack against rsa decryption - incomplete fix for cve-2020-25659. CVE-2023-50782 Cryptography NULL pointer deference with pkcs12.serializekeyandcertificat...
Updated openssl packages fix security vulnerability
Timing side-channel in ECDSA signature computation. CVE-2024-13176...
MGASA-2024-0291 Updated openssl packages fix security vulnerability
Possible denial of service in X.509 name checks. CVE-2024-6119...
MGASA-2024-0247 Updated openssl packages fix security vulnerability
SSLselectnextproto buffer overread. CVE-2024-5535...
CVE-2024-5535 vulnerabilities
Vulnerabilities for packages: openssl...
MGASA-2024-0200 Updated openssl packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Excessive time spent checking DSA keys and parameters. CVE-2024-4603 Use After Free with SSLfreebuffers. CVE-2024-4741...
MGASA-2024-0129 Updated openssl packages fix security vulnerability
Unbounded memory growth with session handling in TLSv1.3. CVE-2024-2511...
MGASA-2024-0020 Updated openssl packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Excessive time spent in DH check / generation with large Q parameter value. CVE-2023-5678 POLY1305 MAC implementation corrupts vector registers on PowerPC. CVE-2023-6129 Excessive time spent checking invalid RSA public keys. CVE-2023-6237 PKCS12...
MGASA-2023-0253 Updated openssl packages fix security vulnerability
AES-SIV implementation ignores empty associated data entries. CVE-2023-2975 Excessive time spent checking DH keys and parameters. CVE-2023-3446 Excessive time spent checking DH q parameter value. CVE-2023-3817...
MGASA-2023-0195 Updated openssl packages fix security vulnerability
Possible DoS translating ASN.1 object identifiers. CVE-2023-2650...
MGASA-2022-0246 Updated openssl packages fix security vulnerability
The crehash script allows command injection. CVE-2022-2068...
MGASA-2022-0173 Updated openssl packages fix security vulnerability
The crehash script allows command injection. CVE-2022-1292...
MGASA-2022-0113 Updated openssl packages fix security vulnerability
Infinite loop in BNmodsqrt reachable when parsing certificates. CVE-2022-0778...
Update of openssl-static, openssl-perl, openssl-devel, openssl, openssl-devel, openssl
Always check certificates from local root store first...
Important Photon OS Security Update - PHSA-2021-0325
Updates of 'openssl' packages of Photon OS have been released...
MGASA-2020-0023 Updated openssl packages fix security vulnerability
Updated compat-openssl10 and openssl packages fix security vulnerability: There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and...
MGASA-2017-0042 Updated openssl packages fix security vulnerability
There is a carry propagation bug in the Broadwell-specific Montgomery multiplication procedure that handles input lengths divisible by, but longer than 256 bits. mong EC algorithms only Brainpool P-512 curves are affected and one presumably can attack ECDH key negotiation CVE-2016-7055. If an...