224 matches found
SUSE SLED15: libekmfweb1 / libekmfweb1-devel / libkmipclient1 / osasnmpd / etc (SUSE-SU-2025:02017-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02017-1 advisory. Security issues fixed: - CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate...
Security update for s390-tools
This update for s390-tools fixes the following issues: Security issues fixed: CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate. bsc1242622 Other issues: Added the new IBM z17 9175 processor type. Patch Instructions: To install this SUSE update use the SUSE...
SUSE-SU-2025:02017-1 Security update for s390-tools
This update for s390-tools fixes the following issues: Security issues fixed: - CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate. bsc1242622 Other issues: - Added the new IBM z17 9175 processor type...
Fedora 43 : rust-openssl / rust-openssl-sys (2025-e385cbedb5)
The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-e385cbedb5 advisory. - Update the openssl crate to version 0.10.72. - Update the openssl-sys crate to version 0.9.107. This update addresses CVE-2025-3416 / RUSTSEC-2025-0022 a...
Fedora 42 : rust-openssl / rust-openssl-sys (2025-c263d3ebd9)
The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-c263d3ebd9 advisory. - Update the openssl crate to version 0.10.72. - Update the openssl-sys crate to version 0.9.107. This update addresses CVE-2025-3416 / RUSTSEC-2025-0022 a...
Security update for python-cryptography
This update for python-cryptography fixes the following issues: CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242631 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...
SUSE-SU-2025:20407-1 Security update for python-cryptography
This update for python-cryptography fixes the following issues: - CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242631...
SUSE-SU-2025:01807-1 Security update for 389-ds
This update for 389-ds fixes the following issues: Security fixes: - CVE-2025-3416: Fixed use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242666 Other fixes: - Enable memory accounting as SUSE disables it by default bsc1241016. - Fix dsidm service getdn option failing...
SUSE-SU-2025:01806-1 Security update for 389-ds
This update for 389-ds fixes the following issues: Security fixes: - CVE-2025-3416: Fixed use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242666 Other fixes: - Enable memory accounting as SUSE disables it by default bsc1241016. - Fix dsidm service getdn option failing...
RHEL 9 : keylime-agent-rust (RHSA-2025:7313)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:7313 advisory. Rust agent for Keylime Security Fixes: rust-openssl: rust openssl ssl::selectnextproto use after free CVE-2025-24898 For more details about the...
RHEL 9 : python3.12-cryptography (RHSA-2025:7317)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:7317 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...
Fedora: Security Advisory (FEDORA-2025-a13867ecbc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-c263d3ebd9)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for s390-tools
This update for s390-tools fixes the following issues: Revendored vendor.tar.zst CVE-2025-3416: Fixed use-after-free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242622 Added the new IBM z17 9175 processor type The package is built with the new 4096bit RSA secure boot signing key. Pat...
SUSE-SU-2025:20352-1 Security update for s390-tools
This update for s390-tools fixes the following issues: - CVE-2025-3416: s390-tools: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242622 - Amended the .spec file - Updated the 'service' file - Removed the obsolete file 'cargoconfig' - Updated 'cputype' and...
Security update for cargo-c
This update for cargo-c fixes the following issues: CVE-2025-3416: use-after-free in Md::fetch and Cipher::fetch of rust-openssl crate bsc1242675. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
SUSE-SU-2025:1570-1 Security update for cargo-c
This update for cargo-c fixes the following issues: - CVE-2025-3416: use-after-free in Md::fetch and Cipher::fetch of rust-openssl crate bsc1242675...
SUSE-SU-2025:1560-1 Security update for rustup
This update for rustup fixes the following issues: - CVE-2025-3416: Fixed use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242617...
rust-openssl: rust openssl ssl::select_next_proto use after free
A flaw was found in the rust-openssl package. In certain versions, ssl::selectnextproto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the sever buffer's lifetime is shorter than the client buffer's, this can cau...
rust-openssl: rust openssl ssl::select_next_proto use after free
A flaw was found in the rust-openssl package. In certain versions, ssl::selectnextproto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the sever buffer's lifetime is shorter than the client buffer's, this can cau...