Recommended update for openvpn
SUSE Recommended Update: Recommended update for openvpn
| Announcement ID: | SUSE-RU-2015:1407-1 |
| Rating: | moderate |
| References: | #914166 #928802 |
| Affected Products: |
An update that has two recommended fixes can now be installed.
Description:
This update for OpenVPN provides the following fixes:
- Use correct SHA digest data length and, when running in FIPS mode, use
AES instead of the disallowed blowfish crypto. (bsc#914166)
- Mention actual plugin/doc dirs in openvpn(8) man page.
- Build with large file support on 32 bit systems.
- Applied backport patch to permit TLS 1.1/1.2 version negotiation instead
of sticking to TLS 1.0 exclusively. (bsc#928802)
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 12:
zypper in -t patch SUSE-SLE-SERVER-12-2015-411=1 - SUSE Linux Enterprise Desktop 12:
zypper in -t patch SUSE-SLE-DESKTOP-12-2015-411=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):
- openvpn-2.3.2-14.1
- openvpn-auth-pam-plugin-2.3.2-14.1
- openvpn-auth-pam-plugin-debuginfo-2.3.2-14.1
- openvpn-debuginfo-2.3.2-14.1
- openvpn-debugsource-2.3.2-14.1
- SUSE Linux Enterprise Desktop 12 (x86_64):
- openvpn-2.3.2-14.1
- openvpn-debuginfo-2.3.2-14.1
- openvpn-debugsource-2.3.2-14.1