Recommended update for openssl-certs

SUSE Recommended Update: Recommended update for openssl-certs
Announcement ID: SUSE-RU-2020:14282-1
Rating: moderate
References: #1144169 #1160160
Affected Products:
  • SUSE Linux Enterprise Server 11-SP4-LTSS
  • SUSE Linux Enterprise Point of Sale 11-SP3

An update that has two recommended fixes can now be installed.

Description:

This update for openssl-certs fixes the following issues:
openssl-certs was updated to the 2.40 state of the Mozilla NSS Certificate store (bsc#1160160):
Removed certificates:

  • Certplus Class 2 Primary CA
  • Deutsche Telekom Root CA 2
  • CN=Swisscom Root CA 2
  • UTN-USERFirst-Client Authentication and Email
  • Certinomis - Root CA

Added certificates:
  • Entrust Root Certification Authority - G4
  • emSign ECC Root CA - C3 (email and server auth)
  • emSign ECC Root CA - G3 (email and server auth)
  • emSign Root CA - C1 (email and server auth)
  • emSign Root CA - G1 (email and server auth)
  • Hongkong Post Root CA 3 (server auth)

Patch Instructions:

To install this SUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Server 11-SP4-LTSS:
    zypper in -t patch slessp4-openssl-certs-14282=1
  • SUSE Linux Enterprise Point of Sale 11-SP3:
    zypper in -t patch sleposp3-openssl-certs-14282=1

Package List:

  • SUSE Linux Enterprise Server 11-SP4-LTSS (noarch):
    • openssl-certs-2.40-0.7.12.1
  • SUSE Linux Enterprise Point of Sale 11-SP3 (noarch):
    • openssl-certs-2.40-0.7.12.1

References: