Download
| Alert*
oval:org.secpod.oval:def:89001305
libopenssl1_0_0 is installed oval:org.secpod.oval:def:89046431 This update for openssl fixes the following issues: - CVE-2022-2068: Fixed more shell code injection issues in c_rehash oval:org.secpod.oval:def:89046428 This update for openssl fixes the following issues: - CVE-2022-2068: Fixed more shell code injection issues in c_rehash oval:org.secpod.oval:def:89044816 This update for openssl fixes the following issues contained in the OpenSSL Security Advisory [26 Jan 2017] Security issues fixed: - CVE-2016-7055: The x86_64 optimized montgomery multiplication may produce incorrect results - CVE-2017-3731: Truncated packet could crash via OOB read - CVE-2017-37 ... oval:org.secpod.oval:def:89048992 This update for openssl-1_0_0 fixes the following issues: * CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case . oval:org.secpod.oval:def:89051141 This update for openssl-1_0_0 fixes the following issues: * CVE-2023-5678: Fixed generating and checking of excessively long X9.42 DH keys that resulted in a possible Denial of Service . oval:org.secpod.oval:def:89051124 This update for openssl1 fixes the following issues: * CVE-2023-5678: Fixed generating and checking of excessively long X9.42 DH keys that resulted in a possible Denial of Service . oval:org.secpod.oval:def:89051140 This update for openssl-1_0_0 fixes the following issues: * CVE-2023-5678: Fixed generating and checking of excessively long X9.42 DH keys that resulted in a possible Denial of Service . oval:org.secpod.oval:def:3302420 Security update for openssl-1_0_0 oval:org.secpod.oval:def:3302462 Security update for openssl-1_0_0 oval:org.secpod.oval:def:89051573 This update for openssl fixes the following issues: * CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case . oval:org.secpod.oval:def:89051631 This update for openssl-1_0_0 fixes the following issues: * CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file . oval:org.secpod.oval:def:89051643 This update for openssl1 fixes the following issues: * CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file . oval:org.secpod.oval:def:89051544 This update for openssl-1_0_0 fixes the following issues: * CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case . oval:org.secpod.oval:def:89051640 This update for openssl-1_0_0 fixes the following issues: * CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file . oval:org.secpod.oval:def:3300755 SUSE Security Update: Security update for openssl-1_0_0 oval:org.secpod.oval:def:89044808 This update for openssl fixes the following issues: - OpenSSL Security Advisory [07 Dec 2017] * CVE-2017-3737: OpenSSL 1.0.2 introduced an \error state\ mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fai ... oval:org.secpod.oval:def:89044657 This update for openssl fixes the following issues: Security issues fixed: - CVE-2017-3735: openssl1,openssl: Malformed X.509 IPAdressFamily could cause OOB read - CVE-2017-3736: openssl: bn_sqrx8x_internal carry bug on x86_64 - Out of bounds read+crash in DES_fcrypt - openssl DEFAULT_SUSE cipher ... oval:org.secpod.oval:def:89043975 This update for openssl fixes the following issues: - CVE-2018-0732: During key agreement in a TLS handshake using a DH based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an unreasonably long period of time generating a key fo ... oval:org.secpod.oval:def:89049170 This update for openssl-1_0_0 fixes the following issues: * CVE-2023-3446: Fixed DH_check excessive time with over sized modulus . oval:org.secpod.oval:def:89049177 This update for openssl-1_0_0 fixes the following issues: * CVE-2023-3446: Fixed DH_check excessive time with over sized modulus . oval:org.secpod.oval:def:89049153 This update for openssl1 fixes the following issues: * CVE-2023-3446: Fixed DH_check excessive time with over sized modulus . oval:org.secpod.oval:def:89049197 This update for openssl fixes the following issues: * CVE-2023-3446: Fixed DH_check excessive time with over sized modulus . oval:org.secpod.oval:def:3301535 Security update for openssl-1_0_0 oval:org.secpod.oval:def:89048914 This update for openssl fixes the following issues: * CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers . oval:org.secpod.oval:def:89048913 This update for openssl-1_0_0 fixes the following issues: * CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers . oval:org.secpod.oval:def:89049264 This update for openssl-1_0_0 fixes the following issues: * CVE-2023-3817: Fixed a potential DoS due to excessive time spent checking DH q parameter value oval:org.secpod.oval:def:89048938 This update for openssl1 fixes the following issues: * CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers . * Update further expiring certificates that affect tests oval:org.secpod.oval:def:89048922 This update for openssl-1_0_0 fixes the following issues: * CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers . oval:org.secpod.oval:def:89049278 This update for openssl-1_0_0 fixes the following issues: * CVE-2023-3817: Fixed a potential DoS due to excessive time spent checking DH q parameter value oval:org.secpod.oval:def:89048809 This update for openssl-1_0_0 fixes the following issues: * CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored . * CVE-2023-0466: Certificate policy check were not enabled . oval:org.secpod.oval:def:89048735 This update for openssl fixes the following issues: * CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored . * CVE-2023-0466: Certificate policy check were not enabled . oval:org.secpod.oval:def:89048733 This update for openssl-1_0_0 fixes the following issues: * CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored . * CVE-2023-0466: Certificate policy check were not enabled . oval:org.secpod.oval:def:89048611 This update for openssl-1_0_0 fixes the following issues: Security fixes: * CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints . Other fixes: * Fix DH key generation in FIPS mode, add support for constant BN for DH parameters oval:org.secpod.oval:def:89048507 This update for openssl1 fixes the following issues: * CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints . oval:org.secpod.oval:def:89048644 This update for openssl-1_0_0 fixes the following issues: Security fixes: * CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints . Other fixes: * Fix DH key generation in FIPS mode, add support for constant BN for DH parameters oval:org.secpod.oval:def:89048520 This update for openssl fixes the following issues: * CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints . oval:org.secpod.oval:def:89048740 This update for openssl1 fixes the following issues: * CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored . * CVE-2023-0466: Certificate policy check were not enabled . oval:org.secpod.oval:def:89048533 This update for openssl fixes the following issues: * CVE-2023-0286: Fixed X.400 address type confusion in X.509 GeneralNameFixed . * CVE-2023-0215: Fixed a use-after-free following BIO_new_NDEF . * CVE-2022-4304: Fixed a timing oracle in RSA decryption . The following non-security bug were fixed: * ... oval:org.secpod.oval:def:89049075 This update for openssl-1_0_0 fixes the following issues: * CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address . * CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF . * CVE-2022-4304: Fixed timing Oracle in RSA Decryption . oval:org.secpod.oval:def:3300323 SUSE Security Update: Security update for openssl-1_0_0 oval:org.secpod.oval:def:3300786 SUSE Security Update: Security update for openssl-1_0_0 oval:org.secpod.oval:def:89045539 This update for openssl fixes the following security issue: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521] oval:org.secpod.oval:def:89045554 This update for openssl-1_0_0 fixes the following issues: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521] oval:org.secpod.oval:def:89045556 This update for openssl-1_0_0 fixes the following issues: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521] |