Security update for sblim-sfcb

Announcement ID: SUSE-SU-2017:1008-1
Rating: moderate
References:
Affected Products:
  • Security Module for SUSE Linux Enterprise 11 11-SP3
  • SLES for SAP Applications 11-SP4
  • SUSE Linux Enterprise Server 11 SP4

An update that has three security fixes can now be installed.

Description:

This update for sblim-sfcb fixes the following issues:

Feature enhancements: - A seperate sblim-sfcb-openssl1 package was added to the SECURITY Module. (fate#322032/bsc#1012814)

This package can be installed additionaly, and the SysV Init script will pick the openssl1 variant on the next start, offering TLS 1.2 support on the WBEM SSL socket.

Bugfixes: - Add sslNoSSLv3 and sslNoTLSv1 configuration options (bsc#923349, bsc#1008130)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • Security Module for SUSE Linux Enterprise 11 11-SP3
    zypper in -t patch secsp3-sblim-sfcb-13061=1
  • SUSE Linux Enterprise Server 11 SP4
    zypper in -t patch slessp4-sblim-sfcb-13061=1
  • SLES for SAP Applications 11-SP4
    zypper in -t patch slessp4-sblim-sfcb-13061=1

Package List:

  • Security Module for SUSE Linux Enterprise 11 11-SP3 (s390x x86_64 i586 ppc64 ia64)
    • sblim-sfcb-openssl1-1.3.11-0.28.1
  • SUSE Linux Enterprise Server 11 SP4 (s390x x86_64 i586 ppc64 ia64)
    • sblim-sfcb-1.3.11-0.28.1
  • SLES for SAP Applications 11-SP4 (ppc64 x86_64)
    • sblim-sfcb-1.3.11-0.28.1

References: