Vulnerability Name:

CVE-2019-1549 (CCN-167021)

Assigned:2018-11-28
Published:2019-09-10
Updated:2020-10-20
Summary:OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A partial mitigation for this issue is that the output from a high precision timer is mixed into the RNG state so the likelihood of a parent and child process sharing state is significantly reduced. If an application already calls OPENSSL_init_crypto() explicitly using OPENSSL_INIT_ATFORK then this problem does not occur at all. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).
CVSS v3 Severity:5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
3.2 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
4.8 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
4.2 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-330
CWE-200
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2019-1549

Source: CCN
Type: Oracle CPUOct2019
Oracle Critical Patch Update Advisory - October 2019

Source: XF
Type: UNKNOWN
openssl-cve20191549-info-disc(167021)

Source: CONFIRM
Type: Mailing List, Patch, Vendor Advisory
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1b0fe00e2704b5e20334a16d3c9099d1ba2ef1be

Source: FEDORA
Type: UNKNOWN
FEDORA-2019-d15aac6c4e

Source: FEDORA
Type: UNKNOWN
FEDORA-2019-d51641f152

Source: BUGTRAQ
Type: UNKNOWN
20191001 [SECURITY] [DSA 4539-1] openssl security update

Source: CONFIRM
Type: UNKNOWN
https://security.netapp.com/advisory/ntap-20190919-0002/

Source: CONFIRM
Type: UNKNOWN
https://support.f5.com/csp/article/K44070243

Source: CONFIRM
Type: UNKNOWN
https://support.f5.com/csp/article/K44070243?utm_source=f5support&utm_medium=RSS

Source: UBUNTU
Type: UNKNOWN
USN-4376-1

Source: DEBIAN
Type: UNKNOWN
DSA-4539

Source: CCN
Type: IBM Security Bulletin 1086981 (Event Streams)
IBM Event Streams is affected by OpenSSL vulnerabilities

Source: CCN
Type: IBM Security Bulletin 1137844 (i)
Multiple vulnerabilities in OpenSSL affect IBM i

Source: CCN
Type: IBM Security Bulletin 1146538 (Watson Studio Local)
Multiple Vulnerabilities in OpenSSL affects IBM Watson Studio Local

Source: CCN
Type: IBM Security Bulletin 1167100 (Cloud Private)
Security Vulnerabilities affect IBM Cloud Private - OpenSSL (CVE-2019-1563, CVE-2019-1549, CVE-2019-1547)

Source: CCN
Type: IBM Security Bulletin 1168564 (PowerAI Vision)
A security vulnerability has been identified in openssl shipped with PowerAI Vision

Source: CCN
Type: IBM Security Bulletin 1171072 (PowerAI)
A security vulnerability has been identified in Openssl shipped with PowerAI.

Source: CCN
Type: IBM Security Bulletin 1172266 (WebSphere MQ for HPE NonStop Server (Itanium))
WebSphere MQ for HP NonStop Server is affected by multiple OpenSSL vulnerabilities (CVE-2019-1547,CVE-2019-1549, CVE-2019-1563)

Source: CCN
Type: IBM Security Bulletin 1282768 (MQ for HPE NonStop)
IBM MQ for HP NonStop Server is affected by multiple OpenSSL vulnerabilities (CVE-2019-1547,CVE-2019-1549, CVE-2019-1563)

Source: CCN
Type: IBM Security Bulletin 1285582 (Watson Explorer Deep Analytics Edition Foundational Components)
Vulnerabilities affect Watson Explorer Foundational Components (CVE-2019-1563, CVE-2019-1549, CVE-2019-1547)

Source: CCN
Type: IBM Security Bulletin 2002869 (Sterling Connect:Direct for HP NonStop)
Multiple Vulnerabilities in OpenSSL Affect IBM Sterling Connect:Direct for HP NonStop

Source: CCN
Type: IBM Security Bulletin 2403993 (Rational Team Concert)
OpenSSL vulnerability affects IBM Rational Team Concert

Source: CCN
Type: IBM Security Bulletin 3609249 (Aspera Faspex)
Aspera Web Applications (Faspex, Console, Orchestrator) are affected by OpenSSL Vulnerabilities (CVE-2019-1547, CVE-2019-1549, CVE-2019-1563)

Source: CCN
Type: IBM Security Bulletin 5694435 (Cisco DCNM for c-type SAN directors and switches)
Vulnerability in DCNM Network Management Software used by IBM c-type SAN directors and switches.

Source: CCN
Type: IBM Security Bulletin 5695629 (Spectrum Protect Backup-Archive Client)
Vulnerabilities in OpenSSL affect IBM Spectrum Protect Backup-Archive Client NetApp Services (CVE-2019-1547, CVE-2019-1549, CVE-2019-1563, CVE-2019-1552)

Source: CCN
Type: IBM Security Bulletin 5973478 (MobileFirst Platform Foundation)
OpenSSL publicly disclosed vulnerability

Source: CCN
Type: IBM Security Bulletin 6091228 (Tivoli Common Reporting)
Information Disclosure in Cognos Business Intelligence (Cognos BI) shipped with Tivoli Common Reporting (CVE-2019-1547, CVE-2019-1549, CVE-2019-1563)

Source: CCN
Type: IBM Security Bulletin 6199286 (Workload Automation)
Multiple vulnerabilities in OpenSSL affect IBM Workload Scheduler

Source: CCN
Type: IBM Security Bulletin 6209210 (Tivoli Network Manager IP Edition)
Multiple vulnerabilities have been identified in OpenSSL, a product which ships with IBM Tivoli Nework Manager

Source: CCN
Type: IBM Security Bulletin 6238344 (Watson Speech to Text, Text to Speech)
ICP Speech to Text, Text to Speech - OpenSSL vulnerability fix.

Source: CCN
Type: IBM Security Bulletin 6257789 (Event Streams)
IBM Event Streams affected by multiple vulnerabilities in OpenSSL package

Source: CCN
Type: IBM Security Bulletin 6358055 (Security Guardium Big Data Intelligence)
IBM Security Guardium Insights is affected by IBM SDK, Java Technology Edition Quarterly CPU - Apr 2020 vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6370651 (InfoSphere Master Data Management)
InfoSphere Master Data Management 11.6 affected due to vulnerability in OpenSSL

Source: CCN
Type: IBM Security Bulletin 6382394 (Netcool System Service Monitor)
Multiple vulnerabilities in OpenSSL affect IBM Tivoli Netcool System Service Monitors/Application Service Monitors (CVE-2018-5407,CVE-2020-1967,CVE-2018-0734,CVE-2019-1563,CVE-2019-1549,CVE-2019-1552,CVE-2019-1559,CVE-2018-0735)

Source: CCN
Type: IBM Security Bulletin 6451705 (Cognos Analytics)
IBM Cognos Analytics has addressed multiple vulnerabilities

Source: CCN
Type: OpenSSL Security Advisory [10 September 2019]
OpenSSL Security Advisory [10 September 2019]

Source: CONFIRM
Type: Vendor Advisory
https://www.openssl.org/news/secadv/20190910.txt

Source: N/A
Type: UNKNOWN
N/A

Source: MISC
Type: UNKNOWN
https://www.oracle.com/security-alerts/cpujan2020.html

Source: MISC
Type: UNKNOWN
https://www.oracle.com/security-alerts/cpujul2020.html

Source: MISC
Type: UNKNOWN
https://www.oracle.com/security-alerts/cpuoct2020.html

Source: MISC
Type: UNKNOWN
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Vulnerable Configuration:Configuration 1:
  • cpe:/a:openssl:openssl:*:*:*:*:*:*:*:* (Version >= 1.1.1 and <= 1.1.1c)

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:openssl:openssl:1.1.1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:ibm:i:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_analytics:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:6.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:workload_automation:9.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:workload_automation:9.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:workload_automation:9.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:6.0.6.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:watson_explorer:11.0.0.3:*:foundational_components:*:*:*:*:*
  • OR cpe:/a:ibm:watson_explorer:11.0.1:*:foundational_components:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_analytics:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql_workbench:8.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:event_streams:2019.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spectrum_protect_backup-archive_client:7.1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spectrum_protect_backup-archive_client:8.1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:watson_studio_local:1.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:powerai_vision:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_private:3.2.0:cd:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_private:3.2.1:cd:*:*:*:*:*:*
  • OR cpe:/a:ibm:powerai_vision:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:powerai:1.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:mq_for_hpe_nonstop:8.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:mq_for_hpe_nonstop:8.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:watson_explorer:12.0.0:*:deep_analytics:*:foundational_components:*:*:*
  • OR cpe:/a:ibm:watson_explorer:12.0.1:*:deep_analytics:*:foundational_components:*:*:*
  • OR cpe:/a:ibm:watson_explorer:12.0.2.0:*:deep_analytics:*:foundational_components:*:*:*
  • OR cpe:/a:ibm:watson_explorer:12.0.2.2:*:deep_analytics:*:foundational_components:*:*:*
  • OR cpe:/a:ibm:watson_explorer:12.0.3:*:deep_analytics:*:foundational_components:*:*:*
  • OR cpe:/a:ibm:watson_explorer:12.0.3.1:*:deep_analytics:*:foundational_components:*:*:*
  • OR cpe:/a:ibm:watson_explorer:10.0.0.0:*:foundational_components:*:*:*:*:*
  • OR cpe:/a:ibm:watson_explorer:10.0.0.6:*:foundational_components:*:*:*:*:*
  • OR cpe:/a:ibm:watson_explorer:11.0.0.0:*:foundational_components:*:*:*:*:*
  • OR cpe:/a:ibm:watson_explorer:11.0.2.0:*:foundational_components:*:*:*:*:*
  • OR cpe:/a:ibm:watson_explorer:11.0.2.5:*:foundational_components:*:*:*:*:*
  • OR cpe:/a:ibm:aspera_console:3.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_common_reporting:3.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:mobilefirst_platform_foundation:7.1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:aspera_orchestrator:3.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spectrum_protect_backup-archive_client:7.1.8.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spectrum_protect_backup-archive_client:8.1.9.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:workload_automation:9.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_private:3.2.1:cd:*:*:*:*:*:*
  • OR cpe:/a:ibm:event_streams:2019.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:event_streams:2019.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium_big_data_intelligence:1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:netcool/system_service_monitor:4.0.1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20191549
    V
    		CVE-2019-1549
    2023-06-22
    oval:org.opensuse.security:def:7630
    P
    		libopenssl-1_1-devel-1.1.1l-150500.15.4 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:765
    P
    		Security update for libtirpc (Important)
    2022-09-19
    oval:org.opensuse.security:def:3045
    P
    		cups-pk-helper-0.2.5-5.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:94675
    P
    		libopenssl-1_1-devel-1.1.1l-150400.5.14 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:93821
    P
    		 (Important)
    2022-06-16
    oval:org.opensuse.security:def:170
    P
    		libopenssl-1_1-devel-1.1.1d-11.20.1 on GA media (Moderate)
    2022-06-13
    oval:org.opensuse.security:def:112741
    P
    		libopenssl-1_1-devel-1.1.1l-1.2 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:69752
    P
    		Security update for MozillaFirefox (Important)
    2021-11-10
    oval:org.opensuse.security:def:57116
    P
    		Security update for postgresql10 (Important)
    2021-10-20
    oval:org.opensuse.security:def:106213
    P
    		libopenssl-1_1-devel-1.1.1l-1.2 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:63199
    P
    		cyrus-sasl-sqlauxprop-2.1.26-5.3.2 on GA media (Moderate)
    2021-09-21
    oval:org.opensuse.security:def:46910
    P
    		cpio-2.11-29.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47914
    P
    		vorbis-tools-1.4.0-26.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:13856
    P
    		java-1_8_0-openjdk-1.8.0.101-14.3 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47393
    P
    		libpng12-0-1.2.50-19.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:13834
    P
    		gnome-settings-daemon-3.20.1-40.5 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47120
    P
    		patch-2.7.5-7.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47222
    P
    		colord-gtk-lang-0.1.26-6.3 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47860
    P
    		ppp-2.4.7-3.4 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:46994
    P
    		libXi6-1.7.4-9.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47056
    P
    		libopenssl-devel-1.0.2j-55.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47151
    P
    		sblim-sfcb-1.4.8-8.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47444
    P
    		memcached-1.4.33-3.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:63522
    P
    		tiff-4.0.9-5.30.28 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:62201
    P
    		libpoppler-cpp0-0.79.0-3.3.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:71929
    P
    		libopenssl-1_1-devel-1.1.1d-11.20.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:1099
    P
    		libopenssl-1_1-devel-1.1.1d-11.20.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62177
    P
    		libmp3lame0-3.100-1.33 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62178
    P
    		libmpfr6-4.0.2-3.3.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62188
    P
    		libopenssl-1_1-devel-1.1.1d-11.20.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:100946
    P
    		libopenssl-1_1-devel-1.1.1d-11.20.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:46000
    P
    		Security update for microcode_ctl (Important)
    2021-06-28
    oval:org.opensuse.security:def:45914
    P
    		Security update for libgcrypt (Important)
    2021-06-18
    oval:org.opensuse.security:def:23919
    P
    		Security update for ucode-intel (Important)
    2021-06-10
    oval:org.opensuse.security:def:46755
    P
    		libpcsclite1-1.8.10-3.7 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:46543
    P
    		opie-2.4-724.56 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:46602
    P
    		yast2-3.1.108-1.16 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:46458
    P
    		libXfont1-1.4.7-2.7 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:46690
    P
    		krb5-1.12.1-19.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:46696
    P
    		libQt5Core5-5.3.2-1.81 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:62847
    P
    		checkbashisms-2.15.1-1.49 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:46463
    P
    		libXrender1-0.9.8-3.55 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:46661
    P
    		gdk-pixbuf-loader-rsvg-2.40.2-1.13 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:46549
    P
    		pcsc-ccid-1.4.14-1.42 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:23910
    P
    		Security update for libwebp (Critical)
    2021-06-02
    oval:org.opensuse.security:def:57190
    P
    		Security update for nghttp2 (Important)
    2021-03-24
    oval:org.opensuse.security:def:55840
    P
    		Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP2) (Important)
    2021-02-10
    oval:org.opensuse.security:def:69857
    P
    		Security update for wavpack (Moderate)
    2021-01-21
    oval:org.opensuse.security:def:23975
    P
    		Security update for java-1_8_0-ibm (Moderate)
    2021-01-05
    oval:org.opensuse.security:def:13013
    P
    		libksba8-1.3.0-23.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:107200
    P
    		libopenssl-1_1-devel-1.1.1d-9.9 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:13107
    P
    		libzip2-0.11.1-13.3.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62649
    P
    		libIlmImf-2_2-23-2.2.1-3.14.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:12875
    P
    		emacs-24.3-25.3.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62981
    P
    		policycoreutils-devel-3.0-1.20 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:13174
    P
    		sane-backends-1.0.24-3.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:13196
    P
    		tftp-5.2-11.6.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:12905
    P
    		gstreamer-1.8.3-9.5 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:61854
    P
    		libopenssl-1_1-devel-1.1.1d-9.9 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:12998
    P
    		libical1-1.0.1-16.3.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:13032
    P
    		libnm-glib-vpn1-1.0.12-13.12.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:100534
    P
    		libopenssl-1_1-devel-1.1.1d-9.9 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:13132
    P
    		pam_u2f-1.0.8-3.3.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62374
    P
    		buildah-1.7.1-3.3.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:13183
    P
    		squidGuard-1.4-30.6.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:71595
    P
    		libopenssl-1_1-devel-1.1.1d-9.9 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:12883
    P
    		freeradius-server-3.0.19-1.48 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:12951
    P
    		libXfont1-1.5.1-11.3.12 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:116758
    P
    		libopenssl-1_1-devel-1.1.1d-9.9 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:24316
    P
    		Security update for curl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:55555
    P
    		Security update for e2fsprogs (Low)
    2020-12-01
    oval:org.opensuse.security:def:45605
    P
    		Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP3) (Important)
    2020-12-01
    oval:org.opensuse.security:def:18476
    P
    		Security update for libXcursor (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:63896
    P
    		Security update for clamav (Important)
    2020-12-01
    oval:org.opensuse.security:def:24505
    P
    		Security update for python-urllib3 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18529
    P
    		Security update for nautilus (Low)
    2020-12-01
    oval:org.opensuse.security:def:45730
    P
    		Security update for openssl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18548
    P
    		Security update for libvirt (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:24556
    P
    		Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:24642
    P
    		Security update for shibboleth-sp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:55647
    P
    		Security update for ldb, samba, talloc, tdb, tevent (Important)
    2020-12-01
    oval:org.opensuse.security:def:18075
    P
    		Security update for gstreamer-plugins-base (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:46038
    P
    		Security update for tigervnc (Important)
    2020-12-01
    oval:org.opensuse.security:def:18693
    P
    		Security update for java-1_8_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:24606
    P
    		Security update for libssh2_org (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:24875
    P
    		Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:55759
    P
    		Security update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nspr, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:25746
    P
    		Security update for openssl-1_1 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18194
    P
    		Security update for libXcursor (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:46256
    P
    		Security update for webkit2gtk3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:63951
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25711
    P
    		Security update for python-aws-sam-translator, python-boto3, python-botocore, python-cfn-lint, python-jsonschema, python-nose2, python-parameterized, python-pathlib2, python-pytest-cov, python-requests, python-s3transfer (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:54339
    P
    		ntp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18282
    P
    		Security update for git (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:46001
    P
    		Security update for clamav (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:24166
    P
    		Security update for grub2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:49206
    P
    		libopenssl-1_1-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:24306
    P
    		Security update for procps (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:54717
    P
    		ImageMagick on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18428
    P
    		Security update for libreoffice (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18763
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:19215
    P
    		Security update for openssl-1_1 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:46134
    P
    		Security update for dbus-1 (Important)
    2020-12-01
    oval:org.opensuse.security:def:24285
    P
    		Security update to ucode-intel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25015
    P
    		Security update for ghostscript (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:54996
    P
    		python-pywbem on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:19189
    P
    		Security update for php5 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18297
    P
    		Security update for libnettle (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:24477
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:25073
    P
    		Security update for sqlite3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:55447
    P
    		update for rsyslog (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18067
    P
    		Security update for libgme (Important)
    2020-12-01
    oval:org.opensuse.security:def:18418
    P
    		Security update for samba and resource-agents (Important)
    2020-12-01
    oval:org.opensuse.security:def:63856
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:24379
    P
    		Security update for openssl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18517
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:45617
    P
    		Security update for glibc (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18510
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:64001
    P
    		Security update for java-1_7_1-ibm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:24586
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:18551
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:66501
    P
    		libopenssl-1_1-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:54316
    P
    		libssh2-1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18660
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:24568
    P
    		Security update for sqlite3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:19451
    P
    		Security update for openssl-1_1 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:24725
    P
    		Security update for targetcli-fb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:55721
    P
    		Security update for openssh (Critical)
    2020-12-01
    oval:org.opensuse.security:def:49152
    P
    		libXtst-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18109
    P
    		Security update for libical (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:46122
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:19425
    P
    		Security update for texlive-filesystem (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:24928
    P
    		Security update for ucode-intel (Important)
    2020-12-01
    oval:org.opensuse.security:def:54317
    P
    		libssh4 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18251
    P
    		Security update for audiofile (Low)
    2020-12-01
    oval:org.opensuse.security:def:18289
    P
    		Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:24093
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:73192
    P
    		libopenssl-1_1-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:54479
    P
    		glibc on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18318
    P
    		Security update for php5 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18751
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:46014
    P
    		Security update for webkit2gtk3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:24215
    P
    		Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP3) (Important)
    2020-12-01
    oval:org.opensuse.security:def:63654
    P
    		Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:73074
    P
    		enscript on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:54890
    P
    		libmodplug1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18460
    P
    		Security update for Botan (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18787
    P
    		Security update for php72 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64036
    P
    		Security update for openssl-1_1 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:45604
    P
    		Security update for the Linux Kernel (Live Patch 16 for SLE 12 SP3) (Important)
    2020-12-01
    oval:org.opensuse.security:def:46326
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:24428
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25029
    P
    		Security update for dovecot22 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25276
    P
    		Security update for openssl-1_1 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:55162
    P
    		lftp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:66409
    P
    		Security update for xorg-x11-server (Important)
    2020-12-01
    oval:org.opensuse.security:def:18332
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:63758
    P
    		Security update for tcpdump (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25244
    P
    		Security update for log4j (Important)
    2020-12-01
    oval:com.redhat.rhsa:def:20201840
    P
    		RHSA-2020:1840: openssl security and bug fix update (Moderate)
    2020-04-28
    oval:org.opensuse.security:def:125059
    P
    		Security update for openssl-1_1 (Moderate)
    2020-01-14
    oval:org.opensuse.security:def:89014
    P
    		Security update for openssl-1_1 (Moderate)
    2020-01-14
    oval:org.opensuse.security:def:126172
    P
    		Security update for openssl-1_1 (Moderate)
    2020-01-14
    oval:org.opensuse.security:def:79824
    P
    		Security update for openssl-1_1 (Moderate)
    2020-01-14
    oval:org.opensuse.security:def:126590
    P
    		Security update for openssl-1_1 (Moderate)
    2020-01-14
    oval:com.ubuntu.disco:def:201915490000000
    V
    		CVE-2019-1549 on Ubuntu 19.04 (disco) - low.
    2019-09-10
    oval:com.ubuntu.bionic:def:201915490000000
    V
    		CVE-2019-1549 on Ubuntu 18.04 LTS (bionic) - low.
    2019-09-10
    BACK
    openssl openssl *
    openssl openssl 1.1.1
    ibm i 7.1
    ibm i 7.2
    ibm i 7.3
    ibm rational team concert 6.0.2
    ibm cognos analytics 11.0
    ibm rational team concert 6.0.6
    ibm workload automation 9.2
    ibm workload automation 9.3
    ibm workload automation 9.4
    ibm rational team concert 6.0.6.1
    ibm i 7.4
    ibm watson explorer 11.0.0.3
    ibm watson explorer 11.0.1
    ibm cognos analytics 11.1
    oracle mysql workbench 8.0.17
    ibm event streams 2019.2.1
    ibm spectrum protect backup-archive client 7.1.0.0
    ibm spectrum protect backup-archive client 8.1.0.0
    ibm watson studio local 1.2.3
    ibm powerai vision 1.1.4
    ibm cloud private 3.2.0 cd
    ibm cloud private 3.2.1 cd
    ibm powerai vision 1.1.3
    ibm powerai 1.5.4
    ibm mq for hpe nonstop 8.1.0
    ibm mq for hpe nonstop 8.0.4
    ibm watson explorer 12.0.0
    ibm watson explorer 12.0.1
    ibm watson explorer 12.0.2.0
    ibm watson explorer 12.0.2.2
    ibm watson explorer 12.0.3
    ibm watson explorer 12.0.3.1
    ibm watson explorer 10.0.0.0
    ibm watson explorer 10.0.0.6
    ibm watson explorer 11.0.0.0
    ibm watson explorer 11.0.2.0
    ibm watson explorer 11.0.2.5
    ibm aspera console 3.3.0
    ibm tivoli common reporting 3.1.3
    ibm mobilefirst platform foundation 7.1.0.0
    ibm aspera orchestrator 3.1.0
    ibm spectrum protect backup-archive client 7.1.8.7
    ibm spectrum protect backup-archive client 8.1.9.0
    ibm workload automation 9.5
    ibm cloud private 3.2.1 cd
    ibm event streams 2019.4.1
    ibm event streams 2019.4.2
    ibm security guardium big data intelligence 1
    ibm netcool/system service monitor 4.0.1