Download
| Alert*
oval:org.secpod.oval:def:89003185
This update for openssl fixes the following issues: OpenSSL Security Advisory [10 September 2019] - CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance . - CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key . oval:org.secpod.oval:def:63623 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:89003405 This update for openssl fixes the following issues: OpenSSL Security Advisory [10 September 2019] - CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance . - CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key . oval:org.secpod.oval:def:89003451 This update for openssl fixes the following issues: - Included the missing cms and pk7 fixes of CVE-2019-1563 . oval:org.secpod.oval:def:66805 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: side-channel weak encryption vulnerability * openssl: information disclosure in fork * openssl: informat ... oval:org.secpod.oval:def:89003414 This update for openssl-1_0_0 fixes the following issues: OpenSSL Security Advisory [10 September 2019] * CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. * CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key In addition fixed invalid c ... oval:org.secpod.oval:def:64111 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:64112 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:60340 The host is missing a patch containing a security fixes, which affects the following package(s): openssl.base oval:org.secpod.oval:def:65699 openssl1.0: Secure Socket Layer cryptographic library and tools - openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:67024 openssl1.0: Secure Socket Layer cryptographic library and tools - openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:89050923 This update for openssl-1_1 fixes the following issues: OpenSSL Security Advisory [10 September 2019] * CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. * CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key oval:org.secpod.oval:def:89050750 This update for openssl-1_1 fixes the following issues: OpenSSL Security Advisory [10 September 2019] * CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. * CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key oval:org.secpod.oval:def:1000861 The remote host is missing a patch 151913-16 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:117157 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:117130 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:1000871 The remote host is missing a patch 151912-16 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1601106 In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted wit ... oval:org.secpod.oval:def:63624 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:89000572 This update for openssl-1_1 fixes the following issues: Security issue fixed: - CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli . - CVE-2019-1563: Fixed bleichenbacher attack against cms/pkcs7 encryptioon transported key . - ... oval:org.secpod.oval:def:705491 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:1504181 [1.1.1c-15] - add selftest of the RAND_DRBG implementation [1.1.1c-14] - fix incorrect error return value from FIPS_selftest_dsa - S390x: properly restore SIGILL signal handler [1.1.1c-12] - additional fix for the edk2 build [1.1.1c-9] - disallow use of SHA-1 signatures in TLS in FIPS mode [1.1.1c-8 ... oval:org.secpod.oval:def:1700317 Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters . In those cases it is possible that such a group does not have the cofactor present. This can oc ... oval:org.secpod.oval:def:604551 Three security issues were discovered in OpenSSL: A timing attack against ECDSA, a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey and it was discovered that a feature of the random number generator intended to protect against shared RNG state between parent and child processes in the ... oval:org.secpod.oval:def:604550 Two security issues were discovered in OpenSSL: A timing attack against ECDSA and a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey. oval:org.secpod.oval:def:2105362 In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted wit ... oval:org.secpod.oval:def:69912 Three security issues were discovered in OpenSSL: A timing attack against ECDSA, a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey and it was discovered that a feature of the random number generator intended to protect against shared RNG state between parent and child processes in the ... oval:org.secpod.oval:def:58642 The host is installed with OpenSSL 1.1.0 through 1.1.0k, 1.0.2 through 1.0.2s or 1.1.1 through 1.1.1c and is prone to a padding Oracle attack vulnerability. A flaw is present in the application which fails to handle the public RSA key. Successful exploitation allows an attacker to recover a CMS/PKCS ... oval:org.secpod.oval:def:59577 Three security issues were discovered in OpenSSL: A timing attack against ECDSA, a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey and it was discovered that a feature of the random number generator intended to protect against shared RNG state between parent and child processes in the ... oval:org.secpod.oval:def:59576 Two security issues were discovered in OpenSSL: A timing attack against ECDSA and a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey. oval:org.secpod.oval:def:69520 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: side-channel weak encryption vulnerability * openssl: information disclosure in fork * openssl: informat ... oval:org.secpod.oval:def:1700364 In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted wit ... |