Recommended update for openssl-certs

Announcement ID: SUSE-RU-2020:14282-1
Rating: moderate
References:
Affected Products:
  • SUSE Linux Enterprise Point of Service 11 SP3
  • SUSE Linux Enterprise Server 11 SP4
  • SUSE Linux Enterprise Server 11 SP4 LTSS 11-SP4

An update that has two fixes can now be installed.

Description:

This update for openssl-certs fixes the following issues:

openssl-certs was updated to the 2.40 state of the Mozilla NSS Certificate store (bsc#1160160):

Removed certificates:

  • Certplus Class 2 Primary CA
  • Deutsche Telekom Root CA 2
  • CN=Swisscom Root CA 2
  • UTN-USERFirst-Client Authentication and Email
  • Certinomis - Root CA

Added certificates:

  • Entrust Root Certification Authority - G4
  • emSign ECC Root CA - C3 (email and server auth)
  • emSign ECC Root CA - G3 (email and server auth)
  • emSign Root CA - C1 (email and server auth)
  • emSign Root CA - G1 (email and server auth)
  • Hongkong Post Root CA 3 (server auth)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Point of Service 11 SP3
    zypper in -t patch sleposp3-openssl-certs-14282=1
  • SUSE Linux Enterprise Server 11 SP4 LTSS 11-SP4
    zypper in -t patch slessp4-openssl-certs-14282=1
  • SUSE Linux Enterprise Server 11 SP4
    zypper in -t patch slessp4-openssl-certs-14282=1

Package List:

  • SUSE Linux Enterprise Point of Service 11 SP3 (noarch)
    • openssl-certs-2.40-0.7.12.1
  • SUSE Linux Enterprise Server 11 SP4 LTSS 11-SP4 (noarch)
    • openssl-certs-2.40-0.7.12.1
  • SUSE Linux Enterprise Server 11 SP4 (noarch)
    • openssl-certs-2.40-0.7.12.1

References: