Optional OpenSSL 1.0 Libraries
SUSE Optional Update: Optional OpenSSL 1.0 Libraries
This update provides OpenSSL version 1.0.1g, delivered as
an additional library version that can coexist with the
original OpenSSL 0.9.8j from SUSE Linux Enterprise 11.
OpenSSL 1.0 brings modern features such as:
* TLS 1.2 support
* AES-GCM cipher support
Installing these packages will only make the library
available on the system. All current programs will still
be using OpenSSL 0.9.8j. You can however use this library
to build and link your own programs.
We will also release parallel software versions that will
benefit from OpenSSL 1.0, currently planned is the Postfix
Mail Server package.
For development, install the "libopenssl1-devel" package
instead of "libopenssl-devel".
The library version shipped in this update already includes
the upstream fix for the "HeartBleed" issue
(CVE-2014-0160).
Additionally, the update fixes a use-after-free issue in
SSL buffer handling (CVE-2010-5298).
| Announcement ID: | SUSE-OU-2014:0565-1 |
| Rating: | low |
| References: | #860332 #861014 #864912 #869945 #872299 #873351 |
| Affected Products: |
An update that has 6 optional fixes can now be installed.
Description:
This update provides OpenSSL version 1.0.1g, delivered as
an additional library version that can coexist with the
original OpenSSL 0.9.8j from SUSE Linux Enterprise 11.
OpenSSL 1.0 brings modern features such as:
* TLS 1.2 support
* AES-GCM cipher support
Installing these packages will only make the library
available on the system. All current programs will still
be using OpenSSL 0.9.8j. You can however use this library
to build and link your own programs.
We will also release parallel software versions that will
benefit from OpenSSL 1.0, currently planned is the Postfix
Mail Server package.
For development, install the "libopenssl1-devel" package
instead of "libopenssl-devel".
The library version shipped in this update already includes
the upstream fix for the "HeartBleed" issue
(CVE-2014-0160).
Additionally, the update fixes a use-after-free issue in
SSL buffer handling (CVE-2010-5298).
Indications:
Install if you want to use or build software against OpenSSL 1.0.
Patch Instructions:
To install this SUSE Optional Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Security Module 11 SP3:
zypper in -t patch secsp3-libopenssl1-devel-9134
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Security Module 11 SP3 (i586 ia64 ppc64 s390x x86_64):
- libopenssl1-devel-1.0.1g-0.12.1
- libopenssl1_0_0-1.0.1g-0.12.1
- openssl1-1.0.1g-0.12.1
- openssl1-doc-1.0.1g-0.12.1
- SUSE Linux Enterprise Security Module 11 SP3 (ppc64 s390x x86_64):
- libopenssl1_0_0-32bit-1.0.1g-0.12.1
- SUSE Linux Enterprise Security Module 11 SP3 (ia64):
- libopenssl1_0_0-x86-1.0.1g-0.12.1
References:
- https://bugzilla.novell.com/860332
- https://bugzilla.novell.com/861014
- https://bugzilla.novell.com/864912
- https://bugzilla.novell.com/869945
- https://bugzilla.novell.com/872299
- https://bugzilla.novell.com/873351
- http://download.suse.com/patch/finder/?keywords=10ac3e160ff3ce8822aa89f079839bce