Oval Definition:oval:org.mitre.oval:def:28273
Revision Date:2015-01-26Version:4
Title:SUSE-SU-2014:1524-1 -- Security update for openssl (moderate)
Description:openssl was updated to fix four security issues.These security issues were fixed:- SRTP Memory Leak (CVE-2014-3513).- Session Ticket Memory Leak (CVE-2014-3567).- Fixed incomplete no-ssl3 build option (CVE-2014-3568).- Add support for TLS_FALLBACK_SCSV (CVE-2014-3566).NOTE: This update alone DOESN'T FIX the POODLE SSL protocol vulnerability.OpenSSL only adds downgrade detection support for client applications. Seehttps://www.suse.com/support/kb/doc.php?id=7015773 for mitigations.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2014-3513
CVE-2014-3566
CVE-2014-3567
CVE-2014-3568
SUSE-SU-2014:1524-1
Platform(s):SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Server 12
Product(s):openssl
Definition Synopsis
  • SUSE Linux Enterprise Server 12 release section
  • SUSE Linux Enterprise Server 12 is installed
  • AND openssl-doc is earlier than 0:1.0.1i-5.1
  • SUSE Linux Enterprise Desktop 12 release section
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Packages match section
  • libopenssl1_0_0 is earlier than 0:1.0.1i-5.1
  • OR libopenssl1_0_0-debuginfo is earlier than 0:1.0.1i-5.1
  • OR openssl is earlier than 0:1.0.1i-5.1
  • OR openssl-debuginfo is earlier than 0:1.0.1i-5.1
  • OR openssl-debugsource is earlier than 0:1.0.1i-5.1
  • BACK