What Are You Looking For?

Sign Up
   SUSE Security Update: Security update for OpenSSL
______________________________________________________________________________

Announcement ID:    SUSE-SU-2014:1409-1
Rating:             important
References:         #901223 #901277 
Cross-References:   CVE-2014-3566 CVE-2014-3568
Affected Products:
                    SLE CLIENT TOOLS 10 for x86_64
                    SLE CLIENT TOOLS 10 for s390x
                    SLE CLIENT TOOLS 10
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:


   This OpenSSL update fixes the following issues:

       * Build option no-ssl3 is incomplete (CVE-2014-3568)
       * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE)

   Security Issues:

       * CVE-2014-3566
         
       * CVE-2014-3568
         

Indications:

   Everybody should update.


Package List:

   - SLE CLIENT TOOLS 10 for x86_64 (x86_64):

      openssl-0.9.8a-18.86.2
      openssl-32bit-0.9.8a-18.86.2

   - SLE CLIENT TOOLS 10 for s390x (s390x):

      openssl-0.9.8a-18.86.2
      openssl-32bit-0.9.8a-18.86.2

   - SLE CLIENT TOOLS 10 (i586):

      openssl-0.9.8a-18.86.2


References:

   http://support.novell.com/security/cve/CVE-2014-3566.html
   http://support.novell.com/security/cve/CVE-2014-3568.html
   https://bugzilla.suse.com/show_bug.cgi?id=901223
   https://bugzilla.suse.com/show_bug.cgi?id=901277
   http://download.suse.com/patch/finder/?keywords=a7e7c559a3525ff6c6964f0a67ea2bd8

SuSE: 2014:1409-1: important: OpenSSL

November 12, 2014
An update that fixes two vulnerabilities is now available

Summary

This OpenSSL update fixes the following issues: * Build option no-ssl3 is incomplete (CVE-2014-3568) * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE) Security Issues: * CVE-2014-3566 * CVE-2014-3568 Indications: Everybody should update. Package List: - SLE CLIENT TOOLS 10 for x86_64 (x86_64): openssl-0.9.8a-18.86.2 openssl-32bit-0.9.8a-18.86.2 - SLE CLIENT TOOLS 10 for s390x (s390x): openssl-0.9.8a-18.86.2 openssl-32bit-0.9.8a-18.86.2 - SLE CLIENT TOOLS 10 (i586): openssl-0.9.8a-18.86.2

References

#901223 #901277

Cross- CVE-2014-3566 CVE-2014-3568

Affected Products:

SLE CLIENT TOOLS 10 for x86_64

SLE CLIENT TOOLS 10 for s390x

SLE CLIENT TOOLS 10

http://support.novell.com/security/cve/CVE-2014-3566.html

http://support.novell.com/security/cve/CVE-2014-3568.html

https://bugzilla.suse.com/show_bug.cgi?id=901223

https://bugzilla.suse.com/show_bug.cgi?id=901277

http://download.suse.com/patch/finder/?keywords=a7e7c559a3525ff6c6964f0a67ea2bd8

Severity
Announcement ID: SUSE-SU-2014:1409-1
Rating: important

Related News

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Linux 6.7 Introduces "make hardening.config" To Help Build A Hardened Kernel

Nov 5, 2023

Widespread Xorg DoS, Privilege Escalation Vulns Fixed

Nov 13, 2023

Linux 6.6 Brings New Scheduler, File Sharing and Security

Nov 2, 2023

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector
Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By

Footer Logo