Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2024.0020
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2024-0020)
Zusammenfassung:	The remote host is missing an update for the 'openssl' package(s) announced via the MGASA-2024-0020 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'openssl' package(s) announced via the MGASA-2024-0020 advisory. Vulnerability Insight: The updated packages fix security vulnerabilities: Excessive time spent in DH check / generation with large Q parameter value. (CVE-2023-5678) POLY1305 MAC implementation corrupts vector registers on PowerPC. (CVE-2023-6129) Excessive time spent checking invalid RSA public keys. (CVE-2023-6237) PKCS12 Decoding crashes. (CVE-2024-0727) Affected Software/OS: 'openssl' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 6.1 CVSS Vector: AV:N/AC:H/Au:N/C:N/I:P/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2023-5678 1.0.2zj git commit https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055 1.1.1x git commit https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c 3.0.13 git commit https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017 3.1.5 git commit https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6 OpenSSL Advisory https://www.openssl.org/news/secadv/20231106.txt http://www.openwall.com/lists/oss-security/2024/03/11/1 Common Vulnerability Exposure (CVE) ID: CVE-2023-6129 https://github.com/openssl/openssl/commit/050d26383d4e264966fb83428e72d5d48f402d35 https://github.com/openssl/openssl/commit/f3fc5808fe9ff74042d639839610d03b8fdcc015 3.2.1 git commit https://github.com/openssl/openssl/commit/5b139f95c9a47a55a0c54100f3837b1eee942b04 https://www.openssl.org/news/secadv/20240109.txt Common Vulnerability Exposure (CVE) ID: CVE-2023-6237 https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294 https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d https://www.openssl.org/news/secadv/20240115.txt Common Vulnerability Exposure (CVE) ID: CVE-2024-0727 https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539 https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8 https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2 https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a https://www.openssl.org/news/secadv/20240125.txt
Copyright	Copyright (C) 2024 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.