Debian DLA-1418-1 : bouncycastle security update

Several security vulnerabilities were found in Bouncy Castle, a Java implementation of cryptographic algorithms. CVE-2016-1000338 DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have...

Security Bulletin: TLS padding vulnerability affects IBM HTTP Server shipped with IBM Presence Zones (CVE-2014-8730)

Summary IBM HTTP Server is shipped as a component of IBM Presence Zones. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details Consult the TLS padding vulnerability affects IBM HTTP Server CVE-2014-8730 security...

Security Bulletin: Security vulnerability in IBM Business Process Manager shipped with IBM SmartCloud Orchestrator and IBM Cloud Orchestrator (CVE-2014-8730)

Summary IBM Business Process Manager and DB2 Enterprise Server Edition are shipped as components of IBM SmartCloud Orchestrator and IBM Cloud Orchestrator. Information about a security vulnerability CVE-2014-8730 affecting both IBM Business Process Manager and IBM DB2 has been published in a...

Security Bulletin: TLS padding vulnerability affects IBM MessageSight (CVE-2014-8730)

Summary Transport Layer Security TLS padding vulnerability via a POODLE Padding Oracle On Downgraded Legacy Encryption like attack affects IBM MessageSight. Vulnerability Details CVE-ID: CVE-2014-8730 DESCRIPTION: Product could allow a remote attacker to obtain sensitive information, caused by th...

Security Bulletin: GSKit TLS Padding Vulnerability affects IBM Tivoli/Security Server on Asset and Service Management (CVE-2014-8730)

Summary IBM Tivoli/Security Directory Server ITDS/ISDS are affected by a TLS padding vulnerability, which could allow a remote attacker to obtain sensitive information. Vulnerability Details CVE-ID: CVE-2014-8730 DESCRIPTION: IBM Security Directory Server could allow a remote attacker to obtain...

Security Bulletin: A Security vulnerability in IBM HTTP Server shipped with WebSphere Application Server affects IBM Tivoli Network Performance Manager Wireless Platform (CVE-2014-8730)

Summary There is vulnerability in IBM® HTTP Server IHS that is shipped with IBM WebSphere Application Server as a component of IBM Tivoli Network Performance Manager Wireless Platform. Vulnerability Details CVE ID: CVE-2014-8730 DESCRIPTION: IBM HTTP Server could allow a remote attacker to obtain...

Security Bulletin: TLS padding vulnerability affects IBM Tivoli/Security Directory Server shipped with IBM Tivoli Network Performance Manager Wireless Platform (CVE-2014-8730)

Summary IBM Tivoli/Security Directory Server ITDS/ISDS as a component of IBM Tivoli Network Performance Manager Wireless Platform are affected by a TLS padding vulnerability, which could allow a remote attacker to obtain sensitive information Vulnerability Details The following vulnerability...

Security Bulletin: A security vulnerability has been identified in Informix Dynamic Server and IBM® DB2® shipped with IBM Tivoli Network Manager IP Edition (CVE-2014-8730)

Summary Informix Dynamic Server and IBM® DB2® are shipped as a component of IBM Tivoli Network Manager IP Edition. Information about a security vulnerability affecting Informix Dynamic Server and IBM® DB2® have been published in a security bulletin. Vulnerability Details Please consult the securi...

Security Bulletin: A Security vulnerability in IBM HTTP Server shipped with WebSphere Application Server affects Tivoli Netcool Performance Manager TNPM Wireline (CVE-2014-8730).

Summary There is vulnerability in IBM® HTTP Server IHS that is shipped with IBM WebSphere Application Server as a component of IBM Tivoli Network Performance Manager Wireline Platform. Information about a security vulnerability affecting Tivoli Integrated Portal has been published in a security...

Security Bulletin: TLS padding vulnerability affects IBM Rational RequisitePro (CVE-2014-8730)

Summary Transport Layer Security TLS padding vulnerability via a POODLE Padding Oracle On Downgraded Legacy Encryption like attack affects IBM Rational RequisitePro. Vulnerability Details CVE-ID: CVE-2014-8730 Description: IBM Rational RequisitePro could allow a remote attacker to obtain sensitiv...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection

Summary There are multiple vulnerabilities in OpenSSL that is used by IBM Security Network Protection. These vulnerabilities include CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, and CVE-2016-2842. Vulnerability Details CVEID: CVE-2016-0799 DESCRIPTION:...

Security Bulletin: TLS padding vulnerability affects IBM Security Network Protection (CVE-2014-8730)

Summary Transport Layer Security TLS padding vulnerability via a POODLE Padding Oracle On Downgraded Legacy Encryption like attack affects IBM Security Network Protection. Vulnerability Details CVE-ID: CVE-2014-8730 DESCRIPTION: Product could allow a remote attacker to obtain sensitive informatio...

Security Bulletin: TLS padding vulnerability affects IBM Security SiteProtector (CVE-2014-8730)

Summary Transport Layer Security TLS padding vulnerability via a POODLE Padding Oracle On Downgraded Legacy Encryption like attack affects IBM Security SiteProtector System and IBM Security SiteProtector Appliance. Vulnerability Details CVE-ID: CVE-2014-8730 DESCRIPTION: Product could allow a...

Security Bulletin: TLS padding vulnerability affects IBM Tivoli/Security Directory Server (CVE-2014-8730)

Summary IBM Tivoli/Security Directory Server ITDS/ISDS are affected by a TLS padding vulnerability, which could allow a remote attacker to obtain sensitive information. Vulnerability Details The following vulnerability affects IBM Security Directory Server / IBM Tivoli Directory Server CVEID:...

Security Bulletin: TLS padding vulnerability affects Tivoli Access Manager for e-business and IBM Security Access Manager for Web (CVE-2014-8730)

Summary IBM Tivoli Access Manager for e-business and IBM Security Access Manager for Web are affected by a TLS padding vulnerability, which could allow a remote attacker to obtain sensitive information. Vulnerability Details The following vulnerability affects both IBM Tivoli Access Manager for...

Security Bulletin: TLS padding vulnerability affects WebSphere Transformation Extender Secure Adapter Collection (CVE-2014-8730)

Summary Transport Layer Security TLS padding vulnerability via a POODLE Padding Oracle On Downgraded Legacy Encryption like attack affects WebSphere Transformation Extender Secure Adapter Collection. Vulnerability Details CVE-ID: CVE-2014-8730 DESCRIPTION: Product could allow a remote attacker to...

Security Bulletin: TLS padding vulnerability affects IBM InfoSphere Balanced Warehouse C3000, C4000, IBM Smart Analytics System 1050, 2050, 5600, 5710, 7600, 7700 and 7710 (CVE-2014-8730)

Summary Transport Layer Security TLS padding vulnerability via a POODLE Padding Oracle On Downgraded Legacy Encryption like attack affects IBM InfoSphere Balanced Warehouse C3000, C4000, IBM Smart Analytics System 1050, 2050, 5600, 5710, 7600, 7700 and 7710. Vulnerability Details CVE-ID:...

Security Bulletin: TLS padding vulnerability affects IBM SPSS Modeler (CVE-2014-8730)

Summary Summary Transport Layer Security TLS padding vulnerability via a POODLE Padding Oracle On Downgraded Legacy Encryption like attack affects IBM SPSS Modeler. Vulnerability Details CVE-ID: CVE-2014-8730 DESCRIPTION: Product could allow a remote attacker to obtain sensitive information, caus...

Security Bulletin: TLS padding vulnerability affects IBM Data Server Client packages (CVE-2014-8730)

Summary Transport Layer Security TLS padding vulnerability via a POODLE Padding Oracle On Downgraded Legacy Encryption like attack affects IBM Data Server Client packages. Vulnerability Details CVE-ID: CVE-2014-8730 DESCRIPTION: Product could allow a remote attacker to obtain sensitive informatio...

Security Bulletin: TLS padding vulnerability affects IBM® DB2® LUW (CVE-2014-8730)

Summary Transport Layer Security TLS padding vulnerability via a POODLE Padding Oracle On Downgraded Legacy Encryption like attack affects IBM® DB2® LUW. Vulnerability Details CVE-ID: CVE-2014-8730 DESCRIPTION: Product could allow a remote attacker to obtain sensitive information, caused by the...