Skip to Main Content

Infrastructure Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Security Vulnerabilities for older openssl and libcurl shared libraries - can yum update resolve this on OL8?

OpenSSL 1.0.2 < 1.0.2b Multiple Vulnerabilities (Plugin – 84154) CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792

Path : /usr/lib/beyondtrust/pb/libssl.so.1.0.0

Reported version: 1.0.2a Fixed version: 1.0.2b

OpenSSL 1.0.2 < 1.0.2e Multiple Vulnerabilities (Plugin – 87222) CVE-2015-1794,CVE-2015-3193,CVE-2015-3194,CVE-2015-3195

Path : /usr/lib/beyondtrust/pb/libssl.so.1.0.0

Reported version: 1.0.2a Fixed version: 1.0.2e

OpenSSL 1.0.2 < 1.0.2g Multiple Vulnerabilities (Plugin – 89082) CVE-2016-0702,CVE-2016-0705,CVE-2016-0797,CVE-2016-0798,CVE-2016-0799,CVE-2016-0800

Path : /usr/lib/beyondtrust/pb/libssl.so.1.0.0

Reported version: 1.0.2a Fixed version: 1.0.2g

OpenSSL 1.0.2 < 1.0.2h Multiple Vulnerabilities (Plugin – 90891) CVE-2016-2105,CVE-2016-2106,CVE-2016-2107,CVE-2016-2109,CVE-2016-2176

Path : /usr/lib/beyondtrust/pb/libssl.so.1.0.0

Reported version: 1.0.2a Fixed version: 1.0.2h

OpenSSL < 1.0.2i Default Weak 64-bit Block Cipher (SWEET32) (Plugin – 93112) CVE-2016-2183

Path : /usr/lib/beyondtrust/pb/libssl.so.1.0.0

Reported version: 1.0.2a Fixed version: 1.0.2i

OpenSSL 1.0.2 < 1.0.2za Vulnerability 152780 CVE-2021-3712
Path : /usr/lib/beyondtrust/pb/libssl.so.1.0.0

Reported version: 1.0.2a Fixed version: 1.0.2za

OpenSSL 1.0.2 < 1.0.2zd Vulnerability 158973 CVE-2022-0778
Path : /usr/lib/beyondtrust/pb/libssl.so.1.0.0

Reported version: 1.0.2a Fixed version: 1.0.2zd

OpenSSL 1.0.2 < 1.0.2ze Vulnerability 160480 CVE-2022-1292

Path : /usr/lib/beyondtrust/pb/libssl.so.1.0.0

Reported version: 1.0.2a Fixed version: 1.0.2ze

OpenSSL 1.0.2 < 1.0.2zf Vulnerability 162419 CVE-2022-2068

Path : /usr/lib/beyondtrust/pb/libssl.so.1.0.0

Reported version: 1.0.2a Fixed version: 1.0.2zf

OpenSSL 1.0.2 < 1.0.2zg Multiple Vulnerabilities 171080 CVE-2022-4304,CVE-2023-0215,CVE-2023-0286

Path : /usr/lib/beyondtrust/pb/libssl.so.1.0.0

Reported version : 1.0.2a Fixed version: 1.0.2zg (this seems to be the latest that would fix all of the others)

libcurl 7.32.0 < 8.9.1 DoS (CVE-2024-7264) 205024 CVE-2024-7264
Path : /usr/lib/beyondtrust/pb/libcurl.so.4.3.0

Installed version: 7.40.0 Fixed version: 8.9.1

Comments

Dwayne Miller Jan 14 2025

FYI… the stack trace shows this method as the one responsible for the exception, but not sure how it is trying to determine the local offset.

Oracle.DataAccess.Types.TimeStamp.GetLocalTZOffset()

1 - 1

Post Details

Added on Nov 8 2024
0 comments
115 views