Red Hat Security Advisory 2018-2713-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP20. Issues addressed include denial of service and traversal vulnerabilities.
16c2056d090785be8a94fc1a5ad4fcf383eef85c7a47bbb4b6f442c4d6911e12
Red Hat Security Advisory 2018-2575-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP20. Issues addressed include denial of service and traversal vulnerabilities.
23b1e7103f814a2701427f105de8aeeedf3a5b0e15d6ccbb1452af8c7f352335
Red Hat Security Advisory 2018-2568-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP20. Issues addressed include denial of service and traversal vulnerabilities.
81773aa1b0c169ccfc2ecf36d8c9f4c0317742188a742e2b2301bcb4c9f0dc85
HPE Security Bulletin HPESBHF03741 1 - Potential security vulnerabilities with OpenSSL have been addressed for HPE Network products including Comware 7, IMC, and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information, or locally exploited resulting in unauthorized disclosure of information. Revision 1 of this advisory.
273a8e07f2cfd72d286f3067512289a13cef04a30487bc2abfabe81687e89a5e
HP Security Bulletin HPSBST03642 3 - Security vulnerabilities in OpenSSL and OpenSSH were addressed in HPE StoreVirtual products using LeftHand OS. These vulnerabilities include the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information, additional OpenSSL and OpenSSH vulnerabilities which could be remotely exploited resulting in arbitrary code execution, unauthorized access, disclosure of information, or Denial of Service (DoS). Revision 3 of this advisory.
864bcff09d4a86c839035348112fa45614c1f5e5a95ea128a61d9122002eb2f1
HP Security Bulletin HPSBMU03685 1 - Multiple potential security vulnerabilities have been identified in HPE Insight Control server provisioning (ICsp) software. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS), arbitrary code execution, arbitrary command execution, unauthorized access to files or disclosure of sensitive information. Revision 1 of this advisory.
7c572b3e24df1d149872d9d6f48b13a5c0031cc58055e6a8a1c95b1c448324e2
Red Hat Security Advisory 2016-2957-01 - This release of Red Hat JBoss Core Services httpd 2.4.23 serves as a replacement for JBoss Core Services Apache HTTP Server 2.4.6. Security Fix: This update fixes several flaws in OpenSSL.
74baff33a674c45e41ccf55a650db1510528f79d7721465b4047850b17a58f49
Apple Security Advisory 2016-10-27-1 - Xcode 8.1 is now available and addresses code execution vulnerabilities.
df4e9e18d07031af03162429c5cf5f429609a92fcbc73263b3a265198afd9ef3
HP Security Bulletin HPSBGN03553 1 - HP OneView has addressed stack based buffer overflows in glibc's implementation of getaddrinfo() and also a vulnerability in OpenSSL. These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of the user running glibc library. Revision 1 of this advisory.
3617e671a811e5e4891b16d55373f0c543a2327eaeb55d97e84f1a429f8e0a07
HP Security Bulletin HPSBMU03612 1 - Multiple potential security vulnerabilities have been identified with HPE Insight Control (IC) on Windows which could be exploited remotely resulting in Denial of Service (DoS), Unauthorized Access, Cross-site scripting (XSS), Execution of Arbitrary code, Disclosure of Sensitive Information,Remote Code Execution and locally resulting in Cross-site Request Forgery (CSRF). Revision 1 of this advisory.
55b881f2a237e07f9560dcebcf5f78996c72fe03931da60fb9afbd2da087871d
HP Security Bulletin HPSBMU03611 1 - Multiple potential security vulnerabilities have been identified with the Matrix Operating Environment on Windows and Linux that could be exploited remotely resulting in Denial of Service (DoS), Unauthorized Access, Execution of arbitrary code, Cross-site scripting (XSS), Disclosure of Sensitive Information, Code Execution, and locally resulting in Cross-site Request Forgery (CSRF). Revision 1 of this advisory.
07f921689053d6bedbb8e1f9fc233c8b5f70902577e1ef3c8ec264ef9e30544e
HP Security Bulletin HPSBMU03600 1 - HPE Insight Control server provisioning has addressed security vulnerabilities in OpenSSL that could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.
341dae9f50ec43fb24b92ecde65911dbb8eba0c9ce6d5266796050698f106475
HP Security Bulletin HPSBMU03601 1 - HPE Insight Control server deployment has addressed the following security vulnerabilities: The Cross-protocol Attack on TLS using SSLv2 also known as "DROWN" which could be exploited remotely resulting in disclosure of information Multiple OpenSSL vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS) Multiple vulnerabilities that can be exploited locally resulting in Cross-site scripting (XSS), and Information Disclosure. Revision 1 of this advisory.
5d35db5021a3e1e977bf248f0f4d2e0973624f00926593096b12913d74b63dac
HP Security Bulletin HPSBGN03587 1 - 3rd party code template: A security vulnerability in Open vSwitch could potentially impact HPE Helion OpenStack resulting in a remote denial of Service (DoS) or arbitrary command execution. HPE Helion OpenStack has also addressed several OpenSSL vulnerabilities including: The Cross-protocol Attack on TLS using SSLv2 also known as "DROWN", which could be exploited remotely resulting in disclosure of information. Multiple OpenSSL vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS) or other impacts. Revision 1 of this advisory.
d4fceaa0ba4a7864b939e73b9efc7e9a3c3d9f771140a67054d955accf574196
HP Security Bulletin HPSBHF03594 1 - Security vulnerabilities in OpenSSL have been addressed by HPE ConvergedSystem 500 & 900 and HPE AppSystems for SAP HANA. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS), unauthorized disclosure of information, and unauthorized modification. Revision 1 of this advisory.
d33fe09cf5ca02681f9ac76ff30e6bbf0d623c549fe9a315a6a3243d9bd2c5e5
HP Security Bulletin HPSBMU03590 1 - Several potential security vulnerabilities have been identified in HPE Systems Insight Manager (SIM) on Windows and Linux. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS), execution of arbitrary code, disclosure of information, Cross-site Request Forgery (CSRF), and Cross-site scripting (XSS). Revision 1 of this advisory.
0d87e5cf948c457cbccb5fbac35b83c4012fe852b7698e47171b0b53a8f1b615
HP Security Bulletin HPSBHF03592 1 - Several potential security vulnerabilities have been identified in the OpenFlow Virtual Appliance (OVA) version of the HPE VAN SDN Controller using OpenSSL which could be exploited remotely to allow Denial of Service (DoS), unauthorized disclosure of information, and unauthorized modification of information. Revision 1 of this advisory.
034fac9d639f999dd1ac333a177536ca76a9567fe5bfd2edf74d7dbd4e25500b
HP Security Bulletin HPSBMU03575 1 - HP Smart Update Manager (SUM) has addressed the following vulnerabilities: The Cross-protocol Attack on TLS using SSLv2 also known as "DROWN", which could be exploited remotely resulting in disclosure of information. Multiple OpenSSL vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS) or other impacts. Revision 1 of this advisory.
951b9459376328c5cc2cb9fbe9d2e7233b6bd702b9e72e647dbe0a71bf95c52e
HP Security Bulletin HPSBGN03569 2 - Potential security vulnerabilities have been identified in the server running HP OneView for VMware vCenter (OV4VC) version 7.8.1 or earlier. The vulnerabilities may lead to remote disclosure of information. Revision 2 of this advisory.
fef3d41637e48d083862ff126529ccde22bdff9c792cc65ee94e07dafe71a719
HP Security Bulletin HPSBGN03569 1 - Potential security vulnerabilities have been identified in the server running HP OneView for VMware vCenter (OV4VC) version 7.8.1 or earlier. The vulnerabilities may lead to remote disclosure of information. Revision 1 of this advisory.
ba96f809d6edd6493b69b5512fafd074d2553430432ef066408a44fa3cf3e38b
HP Security Bulletin HPSBGN03563 1 - Security vulnerabilities in the OpenSSL library could potentially impact HPE IceWall products resulting in local or remote Denial of Service (DoS) and local disclosure of sensitive information. Revision 1 of this advisory.
57d02e5956b8e30e3dcc52080b4967e3e1c4122e0888e933cc4d3579340a64cc
Gentoo Linux Security Advisory 201603-15 - Multiple vulnerabilities have been found in OpenSSL, the worst allowing remote attackers to decrypt TLS sessions. Versions less than 1.0.2g-r2 are affected.
6f0722d9e284f07b269abf7998e9e52da12fdf8dcb8e32ab4f709a7b253f0481
FreeBSD Security Advisory - A cross-protocol attack was discovered that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. Note that traffic between clients and non-vulnerable servers can be decrypted provided another server supporting SSLv2 and EXPORT ciphers (even with a different protocol such as SMTP, IMAP or POP3) shares the RSA keys of the non-vulnerable server. This vulnerability is known as DROWN. Various other issues were also addressed.
3dc25b95a3b0e894796bebc78d2c22db92393a6b8fa48106e84605e40b76a348
Red Hat Security Advisory 2016-0379-01 - The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions.
1cc214b641b5bda32f5dc10666b2a6b70654295af330c0b73323cea0e135646c
Slackware Security Advisory - New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
264c7d3a0be7e52080a43814d32ce36c6ea5a6fb431cee874379e6cfa549c6e4