[SECURITY] [DLA 2774-1] openssl1.0 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2774-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz September 30, 2021 https://wiki.debian.org/LTS -...

SUSE: Security Advisory (SUSE-SU-2021:14801-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for openssl-1_1 (openSUSE-SU-2021:1248-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for openssl-1_1 (low)

openSUSE Security Update: Security update for openssl-11 Announcement ID: openSUSE-SU-2021:1248-1 Rating: low References: 1189521 Cross-References: CVE-2021-3712 CVSS scores: CVE-2021-3712 SUSE: 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: openSUSE Leap 15.2 An update that...

openSUSE: Security Advisory for openssl-1_0_0 (openSUSE-SU-2021:2994-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE 15 Security Update : openssl-1_0_0 (openSUSE-SU-2021:2994-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2994-1 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field...

SUSE: Security Advisory (SUSE-SU-2021:2994-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED12 / SLES12 Security Update : openssl-1_1 (SUSE-SU-2021:2996-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2996-1 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string dat...

Security update for openssl-1_0_0 (low)

openSUSE Security Update: Security update for openssl-100 Announcement ID: openSUSE-SU-2021:2994-1 Rating: low References: 1189521 Cross-References: CVE-2021-3712 CVSS scores: CVE-2021-3712 SUSE: 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: openSUSE Leap 15.3 An update that...

SUSE: Security Advisory (SUSE-SU-2021:2966-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2021:2966-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings bsc1189521...

SUSE SLES12 Security Update : compat-openssl098 (SUSE-SU-2021:2852-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2852-1 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a...

FreeBSD : OpenSSL -- multiple vulnerabilities (96811d4a-04ec-11ec-9b84-d4c9ef517024)

The OpenSSL project reports : SM2 Decryption Buffer Overflow CVE-2021-3711: High Read buffer overruns processing ASN.1 strings CVE-2021-3712 : Moderate %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML...

OpenSSL -- multiple vulnerabilities

The OpenSSL project reports: SM2 Decryption Buffer Overflow CVE-2021-3711: High Read buffer overruns processing ASN.1 strings CVE-2021-3712: Moderate...

Debian DSA-4963-1 : openssl - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4963 advisory. Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. CVE-2021-3711 John Ouyang reported a buffer overflow vulnerability ...

UBUNTU-CVE-2021-3712

ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL 0 byte...

CVE-2021-3548

A flaw was found in dmg2img through 20170502. dmg2img did not validate the size of the read buffer during memcpy inside the main function. This possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution...

Amazon Linux 2 : freerdp (ALAS-2020-1516)

The version of freerdp installed on the remote host is prior to 2.1.1-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1516 advisory. In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients...

MGASA-2020-0157 Updated dcraw packages fix security vulnerabilities

The updated packages fix security vulnerabilities: There is a floating point exception in the kodakradcloadraw function in dcrawcommon.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack. CVE-2017-13735 In LibRaw through 0.18.4, an out of bounds read flaw related to...

UBUNTU-CVE-2015-0841

Off-by-one error in the readBuf function in listener.cpp in libcapsinetwork and monopd before 0.9.8, allows remote attackers to cause a denial of service crash via a long line...