Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2015:0841-1

Опубликовано: 10 апр. 2014
Источник: suse-cvrf

Описание

Recommended update for mono-core

This update adds handling of SHA256 hashes to parts of the X509 Certificate classes in the C# implementation of Mono (bnc#871362) and improves handling of non-existing certificate revocation lists (bnc#810747, bnc#606002).

Список пакетов

SUSE Linux Enterprise Desktop 11 SP3
bytefx-data-mysql-2.6.7-0.11.2
ibm-data-db2-2.6.7-0.11.2
mono-core-2.6.7-0.11.2
mono-data-2.6.7-0.11.2
mono-data-firebird-2.6.7-0.11.2
mono-data-oracle-2.6.7-0.11.2
mono-data-postgresql-2.6.7-0.11.2
mono-data-sqlite-2.6.7-0.11.2
mono-data-sybase-2.6.7-0.11.2
mono-devel-2.6.7-0.11.2
mono-extras-2.6.7-0.11.2
mono-jscript-2.6.7-0.11.2
mono-locale-extras-2.6.7-0.11.2
mono-nunit-2.6.7-0.11.2
mono-wcf-2.6.7-0.11.2
mono-web-2.6.7-0.11.2
mono-winforms-2.6.7-0.11.2
monodoc-core-2.6.7-0.11.2
SUSE Linux Enterprise Server 11 SP3
mono-core-2.6.7-0.11.2
mono-data-2.6.7-0.11.2
mono-data-postgresql-2.6.7-0.11.2
mono-data-sqlite-2.6.7-0.11.2
mono-locale-extras-2.6.7-0.11.2
mono-nunit-2.6.7-0.11.2
mono-web-2.6.7-0.11.2
mono-winforms-2.6.7-0.11.2
SUSE Linux Enterprise Server 11 SP3-TERADATA
mono-core-2.6.7-0.11.2
mono-data-2.6.7-0.11.2
mono-data-postgresql-2.6.7-0.11.2
mono-data-sqlite-2.6.7-0.11.2
mono-locale-extras-2.6.7-0.11.2
mono-nunit-2.6.7-0.11.2
mono-web-2.6.7-0.11.2
mono-winforms-2.6.7-0.11.2
SUSE Linux Enterprise Server for SAP Applications 11 SP3
mono-core-2.6.7-0.11.2
mono-data-2.6.7-0.11.2
mono-data-postgresql-2.6.7-0.11.2
mono-data-sqlite-2.6.7-0.11.2
mono-locale-extras-2.6.7-0.11.2
mono-nunit-2.6.7-0.11.2
mono-web-2.6.7-0.11.2
mono-winforms-2.6.7-0.11.2
SUSE Linux Enterprise Software Development Kit 11 SP3
bytefx-data-mysql-2.6.7-0.11.2
mono-core-2.6.7-0.11.2
mono-data-2.6.7-0.11.2
mono-data-firebird-2.6.7-0.11.2
mono-data-oracle-2.6.7-0.11.2
mono-data-postgresql-2.6.7-0.11.2
mono-data-sqlite-2.6.7-0.11.2
mono-data-sybase-2.6.7-0.11.2
mono-devel-2.6.7-0.11.2
mono-extras-2.6.7-0.11.2
mono-jscript-2.6.7-0.11.2
mono-locale-extras-2.6.7-0.11.2
mono-nunit-2.6.7-0.11.2
mono-wcf-2.6.7-0.11.2
mono-web-2.6.7-0.11.2
mono-winforms-2.6.7-0.11.2
mono-winfxcore-2.6.7-0.11.2
monodoc-core-2.6.7-0.11.2

Ссылки

Описание

The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.

Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:bytefx-data-mysql-2.6.7-0.11.2
SUSE Linux Enterprise Desktop 11 SP3:ibm-data-db2-2.6.7-0.11.2
SUSE Linux Enterprise Desktop 11 SP3:mono-core-2.6.7-0.11.2
SUSE Linux Enterprise Desktop 11 SP3:mono-data-2.6.7-0.11.2
Ссылки

Описание

The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204.

Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:bytefx-data-mysql-2.6.7-0.11.2
SUSE Linux Enterprise Desktop 11 SP3:ibm-data-db2-2.6.7-0.11.2
SUSE Linux Enterprise Desktop 11 SP3:mono-core-2.6.7-0.11.2
SUSE Linux Enterprise Desktop 11 SP3:mono-data-2.6.7-0.11.2
Ссылки

Описание

The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback.

Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:bytefx-data-mysql-2.6.7-0.11.2
SUSE Linux Enterprise Desktop 11 SP3:ibm-data-db2-2.6.7-0.11.2
SUSE Linux Enterprise Desktop 11 SP3:mono-core-2.6.7-0.11.2
SUSE Linux Enterprise Desktop 11 SP3:mono-data-2.6.7-0.11.2
Ссылки