Download
| Alert*
oval:org.secpod.oval:def:63623
openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:66805 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: side-channel weak encryption vulnerability * openssl: information disclosure in fork * openssl: informat ... oval:org.secpod.oval:def:64111 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:1000861 The remote host is missing a patch 151913-16 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1000871 The remote host is missing a patch 151912-16 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:117157 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:117130 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:2105362 In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted wit ... oval:org.secpod.oval:def:69912 Three security issues were discovered in OpenSSL: A timing attack against ECDSA, a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey and it was discovered that a feature of the random number generator intended to protect against shared RNG state between parent and child processes in the ... oval:org.secpod.oval:def:89000572 This update for openssl-1_1 fixes the following issues: Security issue fixed: - CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli . - CVE-2019-1563: Fixed bleichenbacher attack against cms/pkcs7 encryptioon transported key . - ... oval:org.secpod.oval:def:59577 Three security issues were discovered in OpenSSL: A timing attack against ECDSA, a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey and it was discovered that a feature of the random number generator intended to protect against shared RNG state between parent and child processes in the ... oval:org.secpod.oval:def:705491 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:58643 The host is installed with OpenSSL 1.1.1 through 1.1.1c and is prone to a fork protection vulnerability. A flaw is present in the application which fails to handle the issue in random number generator (RNG). Successful exploitation allows an attacker to make the parent and child processes share the ... oval:org.secpod.oval:def:1504181 [1.1.1c-15] - add selftest of the RAND_DRBG implementation [1.1.1c-14] - fix incorrect error return value from FIPS_selftest_dsa - S390x: properly restore SIGILL signal handler [1.1.1c-12] - additional fix for the edk2 build [1.1.1c-9] - disallow use of SHA-1 signatures in TLS in FIPS mode [1.1.1c-8 ... oval:org.secpod.oval:def:2105354 OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A ... oval:org.secpod.oval:def:69520 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: side-channel weak encryption vulnerability * openssl: information disclosure in fork * openssl: informat ... oval:org.secpod.oval:def:604551 Three security issues were discovered in OpenSSL: A timing attack against ECDSA, a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey and it was discovered that a feature of the random number generator intended to protect against shared RNG state between parent and child processes in the ... oval:org.secpod.oval:def:1700364 In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted wit ... |