Security update for openssl-certs

SUSE Security Update: Security update for openssl-certs

Announcement ID:	SUSE-SU-2014:0331-1
Rating:	moderate
References:	#860581 #865080
Affected Products:	SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3

An update that contains security fixes can now be installed. It includes one version update.

Description:

The openssl-certs package was updated to match the
certificates contained in the Mozilla NSS 3.15.4 release.

Following changes were done to the list of root CAs:

* Added: ACCVRAIZ1.pem (Spain) (all trusts)
* Added: SG_TRUST_SERVICES_RACINE.pem (Singapore)
(email signing only)
* Added: TWCA_Global_Root_CA.pem (Taiwanese) (all
trusts)
* Removed: Wells_Fargo_Root_CA.pem

If openssl1 is available as a command line tool, also
certificate hashes for openssl1 are created (bnc#860581).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

SUSE Linux Enterprise Server 11 SP3 for VMware:
zypper in -t patch slessp3-openssl-certs-8924
SUSE Linux Enterprise Server 11 SP3:
zypper in -t patch slessp3-openssl-certs-8924
SUSE Linux Enterprise Desktop 11 SP3:
zypper in -t patch sledsp3-openssl-certs-8924

To bring your system up-to-date, use "zypper patch".

Package List:

SUSE Linux Enterprise Server 11 SP3 for VMware (noarch) [New Version: 1.96]:

openssl-certs-1.96-0.4.1
SUSE Linux Enterprise Server 11 SP3 (noarch) [New Version: 1.96]:

openssl-certs-1.96-0.4.1
SUSE Linux Enterprise Desktop 11 SP3 (noarch) [New Version: 1.96]:

openssl-certs-1.96-0.4.1

References:

https://bugzilla.novell.com/860581
https://bugzilla.novell.com/865080
http://download.novell.com/patch/finder/?keywords=2e6212dfd06bf5b40fad9f634955a6d6