dcsimg
Linux Today: Linux News On Internet Time.








More on LinuxToday

Security Linux News for Jul 30, 2002

  • EnGarde Secure Linux Advisory: openssl, openssl-misc (2004-03-17 17:29:04)
    "Using a commercial TLS protocol testing suite the OpenSSL Project discovered three vulnerabilities in the OpenSSL toolkit..."

  • Debian GNU/Linux Advisory: openssl (2003-10-01 15:52:11)
    "Dr. Stephen Henson, using a test suite provided by NISCC, discovered a number of errors in the OpenSSL ASN1 code..."

  • SuSE Linux Advisory: openssl (2003-04-04 17:14:01)
    "Researchers from the University of Stanford have discovered certain weaknesses in OpenSSL's RSA decryption algorithm..."

  • Trustix Secure Linux Advisory: openssl (2003-02-22 12:59:14)
    "OpenSSL version since 0.9.6c supposedly treat block cipher padding errors like MAC verification errors during record decryption..."

  • Trustix Secure Linux Advisory: util-linux (2002-07-30 21:54:06)
    "The chfn feature of the util-linux package shipped with all versions of TSL suffers from a locally exploitable file locking problem..."

  • SuSE Linux Advisory: openssl (2002-07-30 21:52:36)
    "Several buffer overflows have been discovered in the OpenSSL library affecting the SSL implementation, as well as a signedness issue in the ASN.1 decoding routines..."

  • Debian GNU/Linux Advisory: mm (2002-07-30 21:49:43)
    "Marcus Meissner and Sebastian Krahmer discovered and fixed a temporary file vulnerability in the mm shared memory library..."

  • Red Hat Linux Advisory: openssl (2002-07-30 15:45:44)
    "A security audit of the OpenSSL code sponsored by DARPA found several buffer overflows in OpenSSL which affect versions 0.9.7 and 0.9.6d and earlier.."

  • Trustix Secure Linux Advisory: openssl (2002-07-30 15:44:29)
    "Several severe security problems have been found in the openssl source code which upon the TSL openssl packages are based..."

  • EnGarde Secure Linux Advisory: openssl, openssl-misc (2002-07-30 14:29:30)
    "There are several potentially exploitable vulnerabilities in the OpenSSL toolkit..."

  • Debian GNU/Linux Advisory: openssl (2002-07-30 14:29:00)
    "The OpenSSL development team has announced that a security audit by A.L. Digital Ltd and The Bunker, under the DARPA CHATS program, has revealed remotely exploitable buffer overflow conditions in the OpenSSL code..."