By: joanneharris

May 19, 2016 11:26 am


Availability of SAP HANA important to you?

How would zero planned downtime for SAP sound to you? Well now that could actually be attainable. SUSE just introduced SUSE Linux Enterprise Live Patching to help customers running workloads on the SAP HANA platform, SAP NetWeaver technology platform and other SAP applications reduce the business disruption caused by planned downtime, while maintaining a highly secure IT environment. […]

Read More

By: Bryan Lunduke

March 1, 2016 10:24 am


DROWN patches available for SUSE Linux Enterprise

Earlier today a security vulnerability known as “DROWN” was announced.  SUSE was on top of it and already has patches available for SUSE Linux Enterprise. What is “DROWN”? “DROWN” is an acronym that stands for “Decrypting RSA using Obsolete and Weakened eNcryption”.  Also known as CVE-2016-0800. It allows an attacker to decrypt a TLS connection […]

Read More

By: Bryan Lunduke

January 14, 2016 10:24 am


OpenSSH Security Vulnerability information and patch details.

There’s a new security vulnerability in town that goes by the name of CVE-2016-0777 (and CVE-2016-0778). Catchy, I know. In a nutshell, this is a leak in the OpenSSH client that can allow malicious servers to get the private key of a roaming client. Obviously that is not a good thing. This vulnerability works by exploiting an undocumented […]

Read More

By: davidbyte

November 3, 2015 7:07 am


Block and Tackle: SUSE Enterprise Storage 2

Here at SUSE, we are proud to continue our rapid pace of innovation in bringing the best to our customers with the release of SUSE Enterprise Storage 2.  This release does far more than just update the code base to the Ceph Hammer release, and I will attempt to outline some of the great new […]

Read More

By: Bryan Lunduke

July 9, 2015 11:47 am


OpenSSL vulnerability — not a problem for SUSE

A new vulnerability in OpenSSL has been discovered — specifically only if you are running OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n and 1.0.1o.  This vulnerability relates to certificate validation, and could allow an attacker to bypass that validation. That’s the bad news. The good news is that no releases of SUSE Linux Enterprise (or openSUSE) are affected by […]

Read More

Olaf Kirch
By: Olaf Kirch

May 13, 2015 10:49 am


Of Venoms and Antidotes

Today, a new vulnerability was disclosed by the name of VENOM (CVE-2015-3456), already seeing a fair amount of media attention. In order to help you assess the impact of this vulnerability on your systems, we are collecting background information and provide a prelimary risk assessment for our products. What this attack is all about The […]

Read More

By: Bryan Lunduke

January 29, 2015 9:47 pm


The GHOST Vulnerability : What to know

On January 27th, security researchers announced the discovery of a potential security vulnerability that has been nicknamed “GHOST“.  In short, GHOST takes advantage of an earlier version of glibc that could allow an attacker to cause a buffer overflow, allowing the execution of arbitrary code. This vulnerability is not present in SUSE Linux Enterprise Server […]

Read More

Matthias G. Eckermann
By: Matthias G. Eckermann

October 15, 2014 9:17 am


The POODLE weakness in the SSL protocol (CVE-2014-3566)

Your immediate action is required In short: The POODLE attack to the SSL 3.0 protocol, published last night ( requires server and desktop administrators and desktop users to carefully review their security protocol settings in packages such as HTTP Servers (such as Apache, Tomcat), SMTP Servers (such as Postfix), IMAP Servers, … as well as […]

Read More

By: Bryan Lunduke

September 29, 2014 10:51 am


ShellShock, SUSE and You

This last week, a security vulnerability in the Bash shell — known as the “Bash Bug” or “ShellShock” — was reported.  This vulnerability could allow for executing code on a remote machine and, as such, fixing this security issue was a top priority. Luckily, patches to resolve this vulnerability were created, tested and made available […]

Read More

Matthias G. Eckermann
By: Matthias G. Eckermann

August 22, 2014 2:47 pm


Introducing the SUSE Linux Enterprise 11 Security Module

More on TLS and SSL SUSE has released the “SUSE Linux Enterprise 11 Security Module”, providing enhancements to SUSE Linux Enterprise 11 SP3, which allow customers and partners to build TLS 1.2 compliant infrastructures beyond the https protocol. Looking back … As discussed in my former blog about TLS 1.2, we do not provide OpenSSL […]

Read More