These security issues were fixed: - SRTP Memory Leak (CVE-2014-3513). - Session Ticket Memory Leak (CVE-2014-3567). - Fixed incomplete no-ssl3 build option (CVE-2014-3568). - Add support for TLS_FALLBACK_SCSV (CVE-2014-3566).
NOTE: This update alone DOESN'T FIX the POODLE SSL protocol vulnerability. OpenSSL only adds downgrade detection support for client applications. See https://www.suse.com/support/kb/doc.php?id=7015773 for mitigations.
openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8