HPE Security Bulletin HPESBHF03765 1 - Potential security vulnerabilities in OpenSSL have been addressed in HPE Network Products including Comware v7 that is applicable for ConvergedSystem 700 solutions. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information. Revision 1 of this advisory.
022069972577db48d8cb81bb5e40218f836f168ecf9948fbce4699190ff05d6dHPE Security Bulletin HPESBHF03756 1 - Potential security vulnerabilities with OpenSSL have been addressed for HPE network products including Comware 7, iMC, and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information. Revision 1 of this advisory.
a0ee99b3d56b95fb9463524723438bd2b461df7691a15596db5994f5045fe8ecHPE Security Bulletin HPESBGN03698 1 - Multiple security vulnerabilities in OpenSSL have been addressed in HPE DDMi. Revision 1 of this advisory.
72e0bf35dd974663c4f5f225e2511c6d4094f26138404130089e9ab9c6be4685Red Hat Security Advisory 2017-0194-01 - This release adds the new Apache HTTP Server 2.4.23 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.6 and includes bug fixes and enhancements.
87174b8450d231a37911132f24e96b986faf624c7b0a9cba8fa385f524dd7b74Red Hat Security Advisory 2017-0193-01 - This release adds the new Apache HTTP Server 2.4.23 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.6, and includes bug fixes and enhancements.
add426ec965f995c831f757bb8748e79a3bfb0db3b46802a9cf9ad5be73448c2Red Hat Security Advisory 2016-2957-01 - This release of Red Hat JBoss Core Services httpd 2.4.23 serves as a replacement for JBoss Core Services Apache HTTP Server 2.4.6. Security Fix: This update fixes several flaws in OpenSSL.
74baff33a674c45e41ccf55a650db1510528f79d7721465b4047850b17a58f49Gentoo Linux Security Advisory 201612-16 - Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack. Versions less than 1.0.2j are affected.
267f0c13083d309d4f011bd2771d90788d5f04ad963b99fcd180d27463f73d7aRed Hat Security Advisory 2016-2073-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library.
016924697aba2b3c0ed2a4b898dbf325da5ec9106c04351d7f374f3485979f2cRed Hat Security Advisory 2016-2056-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release includes bug fixes and enhancements, as well as a new release of OpenSSL that addresses a number of outstanding security flaws. For further information, see the knowledge base article linked to in the References section. All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 6 are advised to upgrade to these updated packages. Multiple security issues have been addressed.
ea553c08860849009667df96d4bb4ac9f9ed5393a7a1d6d2528f751f1ce0f397Red Hat Security Advisory 2016-2055-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release includes bug fixes and enhancements, as well as a new release of OpenSSL that addresses a number of outstanding security flaws. For further information, see the knowledge base article linked to in the References section. All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.
a7b2eb5a9c12ee9bc53605cee9a680c2b81ac5bb1418a9f70a03df56e04036adRed Hat Security Advisory 2016-2054-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release includes bug fixes and enhancements, as well as a new release of OpenSSL that addresses a number of outstanding security flaws. For further information, see the knowledge base article linked to in the References section. All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 7 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.
982c4a7bfd70d24e72be40bff675e274e81f1aba2542d3e8c93db025c8315296Apple Security Advisory 2016-07-18-1 - OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses arbitrary code execution, information disclosure, and various other vulnerabilities.
a2d9354c4a7f6ea06efa521cdd6516fbf0a138a5ca0981e16938eab249ee9d7dHP Security Bulletin HPSBGN03620 1 - Security vulnerabilities in OpenSSL were addressed by HPE Helion OpenStack. The vulnerabilities could be exploited resulting in remote unauthorized data access. A security vulnerability in QEMU was addressed by HPE Helion OpenStack. The vulnerability could be exploited resulting in local unauthorized data access. Revision 1 of this advisory.
d1b612cc70edfce5ba387e8425500e9751b27c175642ca04df19044824c9dfd8Red Hat Security Advisory 2016-1137-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library.
ff57ec5fbd7dbdb0badb66c133418e32abb112493bd486514cf34e374e86e95cHP Security Bulletin HPSBGN03610 1 - Security vulnerabilities in the OpenSSL library could potentially impact HPE IceWall products resulting in Remote arbitrary code execution or Denial of Service (DoS). Revision 1 of this advisory.
8cc009ba6907782d4fc8e5af2fb95027485e1b514a4e20492a5f84bc0bfb8b0bRed Hat Security Advisory 2016-0996-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library.
e30f7519e808449e16c91c662d98dc42f4e2dc6fc5bfc08f26313f72e14a7848Red Hat Security Advisory 2016-0722-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library.
20a21fae0cd061a2508b8804879648afc5786156f2cbd54707709f649be74cafSlackware Security Advisory - New openssl packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
3f118981496e63886aa974525d1e2523667d8339e4be3f141768f5ce2db6fa52Ubuntu Security Notice 2959-1 - Huzaifa Sidhpurwala, Hanno Boeck, and David Benjamin discovered that OpenSSL incorrectly handled memory when decoding ASN.1 structures. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. Juraj Somorovsky discovered that OpenSSL incorrectly performed padding when the connection uses the AES CBC cipher and the server supports AES-NI. A remote attacker could possibly use this issue to perform a padding oracle attack and decrypt traffic. Various other issues were also addressed.
3fb297642dda424c9a2fdccf91144e60ea85032eaaa5c25bace6373ceec41e05Debian Linux Security Advisory 3566-1 - Several vulnerabilities were discovered in OpenSSL, a Secure Socket Layer toolkit.
c4d2a15eb0d1dceb59a021eef09bc9edd0bfe8717d7f9c3514d177c58c51295fOpenSSL Security Advisory 20160503 - This issue affected versions of OpenSSL prior to April 2015. The bug causing the vulnerability was fixed on April 18th 2015, and released as part of the June 11th 2015 security releases. The security impact of the bug was not known at the time. Other issues were also addressed.
c1bd7ca386d1c20c2cc9e48468708819814aeb79be8b47c58d08c86485a8125a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed