Red Hat Security Advisory 2016-2957-01 - This release of Red Hat JBoss Core Services httpd 2.4.23 serves as a replacement for JBoss Core Services Apache HTTP Server 2.4.6. Security Fix: This update fixes several flaws in OpenSSL.
74baff33a674c45e41ccf55a650db1510528f79d7721465b4047850b17a58f49HP Security Bulletin HPSBHF03613 1 - Potential security vulnerabilities in OpenSSL have been addressed with HPE network products including iMC, VCX, Comware 5 and Comware 7. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS) or unauthorized access. Revision 1 of this advisory.
9167fdcf073265b0be894bab391505d9b9700dc7bb114d588f30e9567cafc92bGentoo Linux Security Advisory 201506-2 - Multiple vulnerabilities have been found in OpenSSL that can result in either Denial of Service or information disclosure. Versions less than 1.0.1o are affected.
b959832120295fdb5bd555f5691546a5d3d9c082cbb839a74bf11f43345d673fRed Hat Security Advisory 2015-1115-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could cause a DTLS server or client using OpenSSL to crash or, potentially, execute arbitrary code. A flaw was found in the way the OpenSSL packages shipped with Red Hat Enterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes() function. This issue could possibly cause a multi-threaded application using OpenSSL to perform an out-of-bounds read and crash.
1b03a59ced9eb1deb3dcf1406ad52dd97e4fd2cb4f2722a75565166a58d99154Debian Linux Security Advisory 3287-1 - Multiple vulnerabilities were discovered in OpenSSL, a Secure Sockets Layer toolkit.
8973598b9eab155137f8a27dab1743defaf1d92670002f5b25f202a1b6fea269Ubuntu Security Notice 2639-1 - Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that OpenSSL incorrectly handled memory when buffering DTLS data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. Joseph Barr-Pixton discovered that OpenSSL incorrectly handled malformed ECParameters structures. A remote attacker could use this issue to cause OpenSSL to hang, resulting in a denial of service. Various other issues were also addressed.
87ad9ec34f5dbae6e3c6015b65bc10b48a02bfcae5965f3f1a193df6f7b60390OpenSSL Security Advisory 20150611 - When processing an ECParameters structure OpenSSL enters an infinite loop if the curve specified is over a specially malformed binary polynomial field. Other issues were also addressed.
e259b40e3a90a46bb96aac9b7b13501d043b19e0a29743d79533debfb1a522c2
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed