[SECURITY] Fedora 40 Update: nss-3.103.0-1.fc40

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

Security Bulletin: Sweet32 Birthday attacks on 64-bit block ciphers in TLS affect Content Manager for z/OS (CVE-2016-2183)

Summary System SSL's SSL V2, SSL V3 and TLS protocols support the use of Triple DES ciphers and are susceptible to the Sweet32 Birthday attack vulnerability. This vulnerability affects exploiters acting as either clients or servers. Content Manager 8 Resource Manager on z/OS uses System SSL and...

Mandriva Linux Security Advisory : openssl (MDVSA-2015:019)

Multiple vulnerabilities has been discovered and corrected in openssl : A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. This could lead to a Denial Of Service attack CVE-2014-3571. A memory leak can occur in the dtls1bufferrecord...

Updated openssl packages fix security vulnerabilities

A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. This could lead to a Denial Of Service attack CVE-2014-3571. A memory leak can occur in the dtls1bufferrecord function under certain conditions. In particular this could occur if an...

Fedora 20 : rubygem-httpclient-2.4.0-2.fc20 (2014-13040)

Updated to 2.4.0 which stops hard-coding ssl v3 and allows ssl negotiation Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducin...

Vulnerability in OpenSSL - no-ssl3 configuration sets method to NULL

When openssl is built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl method would be set to NULL which could later result in a NULL pointer dereference. Found by Frank Schmirler...

openssl security update

CentOS Errata and Security Advisory CESA-2012:0086 Updated openssl packages that fix two security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...

IBM DB2 9.1 < Fix Pack 9 Multiple Vulnerabilities

According to its version, the installation of IBM DB2 9.1 running on the remote host is affected by one or more of the following issues : - The 'MODIFIED SQL DATA' table function is not dropped when a definer loses required privileges to maintain the objects. IZ46773 - A privilege escalation...

[SECURITY] Fedora 11 Update: nss-3.12.6-1.2.fc11

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

[SECURITY] Fedora Core 5 Update: nss-3.11.5-0.5.0.fc5

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

CentOS 4 : gnutls (CESA-2005:430)

Updated GnuTLS packages that fix a remote denial of service vulnerability are available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GnuTLS library implements Secure Sockets Layer SSL v3 and Transport Laye...