Security update for axis
SUSE Security Update: Security update for axis
| Announcement ID: | SUSE-SU-2019:1373-1 |
| Rating: | moderate |
| References: | #1134598 |
| Cross-References: | CVE-2012-5784 CVE-2014-3596 |
| Affected Products: |
|
An update that fixes two vulnerabilities is now available.
Description:
This update for axis fixes the following issues:
Security issue fixed:
- CVE-2012-5784, CVE-2014-3596: Fixed missing connection hostname check against X.509 certificate name (bsc#1134598).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:
zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-1373=1 - SUSE Linux Enterprise Module for Basesystem 15:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-1373=1
Package List:
- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (noarch):
- axis-manual-1.4-5.8.1
- SUSE Linux Enterprise Module for Basesystem 15 (noarch):
- axis-1.4-5.8.1