openSUSE: 2012:0083-1: important: openssl
Description
Various security vulnerabilities have been fixed in openssl: - DTLS plaintext recovery attack (CVE-2011-4108) - uninitialized SSL 3.0 padding (CVE-2011-4576) - malformed RFC 3779 data can cause assertion failures (CVE-2011-4577) - SGC restart DoS attack (CVE-2011-4619) - invalid GOST parameters DoS attack (CVE-2012-0027)
Patch
Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch libopenssl-devel-5634 - openSUSE 11.3: zypper in -t patch libopenssl-devel-5634 To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE 11.4 (i586 x86_64): libopenssl-devel-1.0.0c-18.23.1 libopenssl1_0_0-1.0.0c-18.23.1 openssl-1.0.0c-18.23.1 - openSUSE 11.4 (x86_64): libopenssl1_0_0-32bit-1.0.0c-18.23.1 - openSUSE 11.4 (noarch): openssl-doc-1.0.0c-18.23.1 - openSUSE 11.3 (i586 x86_64): libopenssl-devel-1.0.0-6.13.1 libopenssl1_0_0-1.0.0-6.13.1 openssl-1.0.0-6.13.1 - openSUSE 11.3 (x86_64): libopenssl1_0_0-32bit-1.0.0-6.13.1 - openSUSE 11.3 (noarch): openssl-doc-1.0.0-6.13.1
References
https://www.suse.com/security/cve/CVE-2011-4108.html https://www.suse.com/security/cve/CVE-2011-4576.html https://www.suse.com/security/cve/CVE-2011-4577.html https://www.suse.com/security/cve/CVE-2011-4619.html https://www.suse.com/security/cve/CVE-2012-0027.html https://bugzilla.novell.com/739719
