14 matches found
OracleVM 2.2 : openssl (OVMSA-2014-0007)
The remote OracleVM system is missing necessary patches to address critical security updates : - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability - replace expired GlobalSign Root CA certificate in ca-bundle.crt - fix for CVE-2013-0169 - SSL/TLS CBC timing attack 907589 - fix for CVE-2013-0166 ...
[SECURITY] [DSA-2141-1] New openssl packages fix protocol design flaw
------------------------------------------------------------------------ Debian Security Advisory DSA-2141-1 [email protected] http://www.debian.org/security/ Stefan Fritsch January 06, 2011 http://www.debian.org/security/faq -...
Critical: Red Hat Security Advisory: java-1.4.2-ibm security update
Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact...
USN-927-6: NSS vulnerability
USN-927-1 fixed vulnerabilities in NSS on Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 9.04. Original advisory details: Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a machine-in-the-middle attack at the start...
Ubuntu 8.04 LTS : nspr update (USN-927-5)
USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject...
USN-927-5: nspr update
USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Original advisory details: Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a machine-in-the-middle attack at the start of a TLS connection,...
Ubuntu Update for thunderbird regression USN-927-3
Ubuntu Update for Linux kernel vulnerabilities USN-927-3 OpenVAS Vulnerability Test $Id: gbubuntuUSN9273.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for thunderbird regression USN-927-3 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
Ubuntu: Security Advisory (USN-927-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu Update for nss vulnerability USN-927-1
Ubuntu Update for Linux kernel vulnerabilities USN-927-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9271.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for nss vulnerability USN-927-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.n...
Ubuntu 9.10 : thunderbird regression (USN-927-3)
USN-927-1 fixed vulnerabilities in NSS. Due to upstream changes in NSS 3.12.6, Thunderbird would be unable to initialize the security component and connect with SSL/TLS if the old libnss3-0d transition package was installed. This update fixes the problem. We apologize for the inconvenience. Marsh...
Ubuntu 9.10 : nss vulnerability (USN-927-1)
Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new new...
USN-927-2: NSS regression
USN-927-1 fixed vulnerabilities in NSS. Upstream NSS 3.12.6 added an additional checksum verification on libnssdbm3.so, but the Ubuntu packaging did not create this checksum. As a result, Firefox could not initialize the security component when the NSS Internal FIPS PKCS 11 Module was enabled. Th...
USN-927-1: NSS vulnerability
Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a machine-in-the-middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new new...
openssl security update
0.9.8e-12.6 - fix CVE-2009-3245 - add missing bnwexpand return checks 570924 0.9.8e-12.5 - fix CVE-2010-0433 - do not pass NULL princ to krb5ktgetentry which in the RHEL-5 and newer versions will crash in such case 569774 0.9.8e-12.4 - do not disable SSLv2 in the renegotiation patch - SSLv2 does...