Unix, Linux, DevOps , Cloud computing and BigData Knowledge-Base

0

Mageia 2019-0106: openssl security update

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid p… Continue Reading —...

0

Mageia 2019-0105: python-gnupg security update

When symmetric encryption is used, data can be injected through the passphrase property of the gnupg.GPG.encrypt() and gnupg.GPG.decrypt() methods. The supplied passphrase is not validated for newlines, and the library passes –passphrase-fd=0 to the g… Continue Reading — Mageia 2019-0105: python-gnupg security update

0

Mageia 2019-0103: gnutls security update

A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to… Continue Reading...

0

Mageia 2019-0104: nagios security update

A flaw was found in Nagios Core version 4.4.1 and earlier. The qh_help function is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX … Continue Reading — Mageia...

Follow

Get every new post delivered to your Inbox

Join other followers

Page 1992 of 2989