Download
| Alert*
|
oval:org.secpod.oval:def:98826
The host is installed with Oracle MySQL Server through 8.0.35 or through 8.2.0 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Server: Packaging (OpenSSL). Successful exploitation allows attackers to affect Confidentiality. oval:org.secpod.oval:def:2108525 Oracle Solaris 11 - ( CVE-2023-5363 ) oval:org.secpod.oval:def:98827 The host is installed with Oracle MySQL Server through 8.0.35 or through 8.2.0 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Server: Packaging (OpenSSL). Successful exploitation allows attackers to affect Confidentiality. oval:org.secpod.oval:def:708541 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:95378 Tony Battersby reported that incorrect cipher key and IV length processing in OpenSSL, a Secure Sockets Layer toolkit, may result in loss of confidentiality for some symmetric cipher modes. Additional details can be found in the upstream advisory: https://www.openssl.org/news/secadv/20231024.txt oval:org.secpod.oval:def:509104 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: openssl: Incorrect cipher key and IV length processing For more details about the security issue, including the impa ... oval:org.secpod.oval:def:96830 The host is installed with Oracle MySQL Server through 8.0.35 or through 8.2.0 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Server: Packaging (OpenSSL). Successful exploitation allows attackers to affect Confidentiality. oval:org.secpod.oval:def:94198 The host is installed with OpenSSL 3.0.0 through 3.0.11 or 3.1.0 through 3.1.3 and is prone to a incorrect cipher key and IV length processing vulnerability. A flaw is present in the application, which fails to properly handle issues in processing of key and initialisation vector (IV) lengths. On su ... oval:org.secpod.oval:def:2600484 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. oval:org.secpod.oval:def:19500484 A bug has been identified in the processing of key and initialisation vector lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers.A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cip ... oval:org.secpod.oval:def:97378 The host is missing a patch containing a security fixes, which affects the following package(s): openssl.base oval:org.secpod.oval:def:612747 Tony Battersby reported that incorrect cipher key and IV length processing in OpenSSL, a Secure Sockets Layer toolkit, may result in loss of confidentiality for some symmetric cipher modes. Additional details can be found in the upstream advisory: https://www.openssl.org/news/secadv/20231024.txt oval:org.secpod.oval:def:89051005 This update for openssl-3 fixes the following issues: * CVE-2023-5363: Incorrect cipher key and IV length processing. * CVE-2023-3817: Add test of DH_check with q = p + 1 oval:org.secpod.oval:def:96485 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:94194 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:1507278 [1:3.0.7-25.0.1] - Replace upstream references [Orabug: 34340177] [1:3.0.7-25] - Provide relevant diagnostics when FIPS checksum is corrupted Resolves: RHEL-5317 - Don"t limit using SHA1 in KDFs in non-FIPS mode. Resolves: RHEL-5295 - Provide empty evp_properties section in main OpenSSL configuratio ... oval:org.secpod.oval:def:89051006 This update for openssl-3 fixes the following issues: * CVE-2023-5363: Incorrect cipher key and IV length processing. * CVE-2023-3817: Add test of DH_check with q = p + 1 oval:org.secpod.oval:def:3302021 Security update for openssl-3 |
