Oval Definition:oval:org.mitre.oval:def:28481
Revision Date:2015-01-26Version:3
Title:SUSE-SU-2014:1512-1 -- Security update for compat-openssl098 (moderate)
Description:compat-openssl098 was updated to fix three security issues.NOTE: this update alone DOESN'T FIX the POODLE SSL protocol vulnerability.OpenSSL only adds downgrade detection support for client applications. Seehttps://www.suse.com/support/kb/doc.php?id=7015773 for mitigations.These security issues were fixed:- Session ticket memory leak (CVE-2014-3567).- Fixed build option no-ssl3 (CVE-2014-3568).- Added support for TLS_FALLBACK_SCSV (CVE-2014-3566).
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2014-3566
CVE-2014-3567
CVE-2014-3568
SUSE-SU-2014:1512-1
Platform(s):SUSE Linux Enterprise Desktop 12
Product(s):compat-openssl098
Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Packages match section
  • compat-openssl098-debugsource is earlier than 0:0.9.8j-62.1
  • OR libopenssl0_9_8 is earlier than 0:0.9.8j-62.1
  • OR libopenssl0_9_8-debuginfo is earlier than 0:0.9.8j-62.1
  • BACK