SUSE Security Update: Security update for compat-openssl097g
The SLES 9 compatibility package compat-openssl097g received a roll-up
update fixing various security issues:
* Build option no-ssl3 is incomplete (CVE-2014-3568)
* Add support for TLS_FALLBACK_SCSV (CVE-2014-3566)
* Information leak in pretty printing functions (CVE-2014-3508)
* OCSP bad key DoS attack (CVE-2013-0166)
* SSL/TLS CBC plaintext recovery attack (CVE-2013-0169)
* Anonymous ECDH denial of service (CVE-2014-3470)
* SSL/TLS MITM vulnerability (CVE-2014-0224)
Security Issues:
* CVE-2013-0166
* CVE-2013-0169
* CVE-2014-0224
* CVE-2014-3470
* CVE-2014-3508
* CVE-2014-3566
* CVE-2014-3568
Announcement ID: SUSE-SU-2014:1557-1
Rating: moderate
References: #802184 #880891 #890764 #901223 #901277 #905106
Affected Products:
An update that fixes 7 vulnerabilities is now available.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise for SAP Applications 11 SP1:
zypper in -t patch slesapp1-compat-openssl097g-10032
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise for SAP Applications 11 SP1 (x86_64):
- compat-openssl097g-0.9.7g-146.22.25.1
- compat-openssl097g-32bit-0.9.7g-146.22.25.1
References:
- http://support.novell.com/security/cve/CVE-2013-0166.html
- http://support.novell.com/security/cve/CVE-2013-0169.html
- http://support.novell.com/security/cve/CVE-2014-0224.html
- http://support.novell.com/security/cve/CVE-2014-3470.html
- http://support.novell.com/security/cve/CVE-2014-3508.html
- http://support.novell.com/security/cve/CVE-2014-3566.html
- http://support.novell.com/security/cve/CVE-2014-3568.html
- https://bugzilla.suse.com/show_bug.cgi?id=802184
- https://bugzilla.suse.com/show_bug.cgi?id=880891
- https://bugzilla.suse.com/show_bug.cgi?id=890764
- https://bugzilla.suse.com/show_bug.cgi?id=901223
- https://bugzilla.suse.com/show_bug.cgi?id=901277
- https://bugzilla.suse.com/show_bug.cgi?id=905106
- http://download.suse.com/patch/finder/?keywords=1d970165e44d09f727b7c89af11e885f