OpenSSL Man in the Middle CVE-2014-0224 CVE-2014-0221 CVE-2014-3470
This document (7015162) is provided subject to the disclaimer at the end of this document.
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
* SSL/TLS MITM vulnerability. (CVE-2014-0224)
* DTLS recursion flaw. (CVE-2014-0221)
* Anonymous ECDH denial of service. (CVE-2014-3470)
For SLES 10 SP3 LTSS:
Fix was released in the openssl-0.9.8a-22.214.171.124 rpm. Manual Download
For SLES 10 SP4 LTSS:
Fix was released in the openssl-0.9.8a-18.82.4 rpm. Manual Download
For SLES 11 SP2 LTSS:
Fix was released in openssl-0.9.8j-0.58.1. Manual Download
For SLES 11 SP3:
Fix was released in openssl-0.9.8j-0.58.1 rpm. Manual Download
Update all other openssl components to the same rpm version.
It is suggested to update the openssl rpm to the latest available.
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7015162
- Creation Date: 10-Jun-2014
- Modified Date:28-Sep-2022
- SUSE Linux Enterprise Server
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com