Security Bulletin: A security vulnerability has been identified in GSKit shipped with IBM Spectrum Scale V4 (CVE-2016-2183)

Summary A security vulnerability has been identified in one of the cipher suites supported by GSKit Vulnerability Details CVEID: CVE-2016-2183 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the in the Triple-DES on 64-bit block cipher, us...

Security Bulletin: POODLE vulnerability in SSLv3 affects IBM CICS Transaction Gateway (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. Supported versions of CICS Transaction Gateway for Mutliplatforms and CICS Transaction Gateway for Desktop Edition are affected by POODLE. Vulnerability Details CV...

OracleVM 3.3 / 3.4 : openssh (OVMSA-2016-0038)

The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2015-5600: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices 1245969 - CVE-2016-3115: missing sanitisation of input for X11 forwarding 1317816 - SSH2MSGDISCONNECT for user initiate...

Oracle: Security Advisory (ELSA-2014-1552)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 6 : openssh (CESA-2014:1552)

Updated openssh packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Scientific Linux Security Update : openssh on SL6.x i386/x86_64 (20141014)

It was discovered that OpenSSH clients did not correctly verify DNS SSHFP records. A malicious server could use this flaw to force a connecting client to skip the DNS SSHFP record check and require the user to perform manual host verification of the DNS SSHFP record. CVE-2014-2653 It was found th...

openssh security, bug fix, and enhancement update

5.3p1-104 - ignore SIGXFSZ in postauth monitor child 1133906 5.3p1-103 - don't try to generate DSA keys in the init script in FIPS mode 1118735 5.3p1-102 - ignore SIGPIPE in ssh-keyscan 1108836 5.3p1-101 - ssh-add: fix fatal exit when removing card 1042519 5.3p1-100 - fix race in backported...

Moderate: Red Hat Security Advisory: openssh security, bug fix, and enhancement update

Updated openssh packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...