5 matches found
Security Bulletin: Vulnerability in OpenSSL affects Power Hardware Management Console (CVE-2021-3449).
Summary OpenSSL is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-3449 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in signaturealgorithms processing. By sending a...
SUSE SLES12 Security Update : nodejs10 (SUSE-SU-2021:2323-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2323-1 advisory. Update nodejs10 to 10.24.1. Including fixes for - CVE-2021-22918: libuv upgrade - Out of bounds read bsc1187973 - CVE-2021-27290: ssri Regular...
MGASA-2021-0176 Updated openssl packages fix security vulnerability
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension where it was present in the initial ClientHello, but includes a signaturealgorithmscert extension then a NU...
SUSE SLES12 Security Update : openssl-1_1 (SUSE-SU-2021:0954-1)
This update for openssl-11 fixes the following security issue : CVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension but includes a...
OPENSUSE-SU-2021:0476-1 Security update for openssl-1_1
This update for openssl-11 fixes the security issue: CVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension but includes a signaturealgorithmscert...