NetScaler 10.5 to 12.0 affected by two TLS Vulnerabilities

Yesterday, Citrix released two Security Bulletins related to TLS vulnerabilities with Citrix NetScaler v10.5 up to 12.0. These are:

CTX230238 (CVE-2017-17382): TLS Padding Oracle Vulnerability in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway, and
CTX230612 (CVE-2017-17549): Information Disclosure in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway Client TLS Handshake – VPX only.

Citrix recommends a firmware update of all affected NetScaler / Gateway instances to these builds (or newer):

DTLS DDos Attacks: new Citrix ADC / Gateway Firmware… Related to the article Current DDoS Attacks against Citrix ADC…
Citrix Deployment Guides This post is intended to collect links and URLs related…
SD-WAN Multiple Security Updates Yesterday (Oct, 22 2018), Citrix released CTX236992 which describes multiple…
Random Background Images on NetScaler Gateway Page In the case you or your customer likes to have…
Citrix License Server Vulnerabilities Yesterday, Sep 25, Citrix reported multiple Dnieal-of-Service vulnerabilities with License…
Multi-Domain Considerations with NetScaler Gateway… Citrix released a series of Blog articles related to multi-domain…