Red Hat Security Advisory 2019-3935-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Issues addressed include bypass and denial of service vulnerabilities.
38d04c60a0844680fb8dbf1f69783df06839251f87cb4f8f1f68b024aae0c58dRed Hat Security Advisory 2019-3932-01 - This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Issues addressed include bypass and denial of service vulnerabilities.
f949d1cc276a7bf012b0e797c6862801bf97e2c5aaac95a796e59d77b371fb59Red Hat Security Advisory 2019-3933-01 - This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Issues addressed include bypass and denial of service vulnerabilities.
dac80e1c3458729338d3267cf431efdab4daa1ca2b791a55f1f323f8a84c4bb4Debian Linux Security Advisory 4355-1 - Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit.
b913df49694577978d9065ec818547f4d3d6619f2cbbc393194fc7e2ac40992aDebian Linux Security Advisory 4348-1 - Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit.
984666d462c32381f4c81ceeb80d94d68254862db64e2525c9fc37e73b61fd81Gentoo Linux Security Advisory 201811-21 - Multiple vulnerabilities have been found in OpenSSL, the worst of which may lead to a Denial of Service condition. Versions less than 1.0.2o are affected.
c1d2c4c1f169d7444a8ec783ed15c7533f43aef45a89c4f6cbccef76230c09e9Red Hat Security Advisory 2018-3505-01 - Red Hat Ansible Tower 3.3.1 is now available and contains a large amount of security fixes.
5a18fce8ca273b8a62b85b1a2bf4e5b4df4fb5583a3543625bcc53528045ab49Red Hat Security Advisory 2018-3221-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include a denial of service vulnerability.
f834291e7efc55a6d4018d8ba12fd62c80f36b5a912355996aca5eab461c7cffOpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
ebbfc844a8c8cc0ea5dc10b86c9ce97f401837f3fa08c17b2cdadc118253cf99Slackware Security Advisory - New openssl packages are available for Slackware 14.2 and -current to fix security issues.
6e711887d2814ee045ff01a89ca03e6b1ae678c324141c1fa0b6f5d63c441183Ubuntu Security Notice 3692-1 - Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. Guido Vranken discovered that OpenSSL incorrectly handled very large prime values during a key agreement. A remote attacker could possibly use this issue to consume resources, leading to a denial of service. Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private RSA keys. Various other issues were also addressed.
64a55400d3928d560eed60fa189b3f16e104aacf734c115775b42e7ec6f162c5Ubuntu Security Notice 3692-2 - USN-3692-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM. Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. Various other issues were also addressed.
c9a4413cce1293192cef94ae1323f4ac3f80a693b84d4dd16582f330058c726dUbuntu Security Notice 3628-2 - USN-3628-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM. Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private RSA keys. Various other issues were also addressed.
b97eef64acda8f70ac874f053e082d5142efeacf22be47d9cfa82d52b78aea64Ubuntu Security Notice 3628-1 - Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private RSA keys.
2b906fe54f8dc8733e2e48459df788f7e92245ff6eede0444543bfe996334f6dOpenSSL Security Advisory 20180416 - The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key.
581c7fa15f265616cc367ae71f6de43d4bb9e454c88eb4259b677109a01c9944
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed