Security update for OpenSSL SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2015:0545-2 Final 1 1 2014-10-24T22:07:03Z current 2014-10-24T22:07:03Z 2014-10-24T22:07:03Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for OpenSSL This OpenSSL update fixes the following issues: * Session Ticket Memory Leak (CVE-2014-3567) * Build option no-ssl3 is incomplete (CVE-2014-3568) * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE) Security Issues: * CVE-2014-3567 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567> * CVE-2014-3566 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566> * CVE-2014-3568 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568> The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sdksp3-libopenssl-devel,sledsp3-libopenssl-devel,sleman17sp2-libopenssl-devel,slessp3-libopenssl-devel,slestso13-libopenssl-devel Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ Link for SUSE-SU-2015:0545-2 https://lists.suse.com/pipermail/sle-security-updates/2015-March/001309.html E-Mail link for SUSE-SU-2015:0545-2 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/859228 SUSE Bug 859228 https://bugzilla.suse.com/859924 SUSE Bug 859924 https://bugzilla.suse.com/860332 SUSE Bug 860332 https://bugzilla.suse.com/862181 SUSE Bug 862181 https://bugzilla.suse.com/870192 SUSE Bug 870192 https://bugzilla.suse.com/879179 SUSE Bug 879179 https://bugzilla.suse.com/890764 SUSE Bug 890764 https://bugzilla.suse.com/890767 SUSE Bug 890767 https://bugzilla.suse.com/890768 SUSE Bug 890768 https://bugzilla.suse.com/890769 SUSE Bug 890769 https://bugzilla.suse.com/890770 SUSE Bug 890770 https://bugzilla.suse.com/901223 SUSE Bug 901223 https://bugzilla.suse.com/901277 SUSE Bug 901277 https://bugzilla.suse.com/912014 SUSE Bug 912014 https://bugzilla.suse.com/912015 SUSE Bug 912015 https://bugzilla.suse.com/912018 SUSE Bug 912018 https://bugzilla.suse.com/912293 SUSE Bug 912293 https://bugzilla.suse.com/912294 SUSE Bug 912294 https://bugzilla.suse.com/912296 SUSE Bug 912296 https://bugzilla.suse.com/915976 SUSE Bug 915976 https://bugzilla.suse.com/919648 SUSE Bug 919648 https://bugzilla.suse.com/920236 SUSE Bug 920236 https://bugzilla.suse.com/922488 SUSE Bug 922488 https://bugzilla.suse.com/922496 SUSE Bug 922496 https://bugzilla.suse.com/922499 SUSE Bug 922499 https://bugzilla.suse.com/922500 SUSE Bug 922500 https://bugzilla.suse.com/922501 SUSE Bug 922501 https://bugzilla.suse.com/929678 SUSE Bug 929678 https://bugzilla.suse.com/931698 SUSE Bug 931698 https://bugzilla.suse.com/933898 SUSE Bug 933898 https://bugzilla.suse.com/933911 SUSE Bug 933911 https://bugzilla.suse.com/934487 SUSE Bug 934487 https://bugzilla.suse.com/934489 SUSE Bug 934489 https://bugzilla.suse.com/934491 SUSE Bug 934491 https://bugzilla.suse.com/934493 SUSE Bug 934493 https://www.suse.com/security/cve/CVE-2009-5146/ SUSE CVE CVE-2009-5146 page https://www.suse.com/security/cve/CVE-2014-0076/ SUSE CVE CVE-2014-0076 page https://www.suse.com/security/cve/CVE-2014-0221/ SUSE CVE CVE-2014-0221 page https://www.suse.com/security/cve/CVE-2014-0224/ SUSE CVE CVE-2014-0224 page https://www.suse.com/security/cve/CVE-2014-3470/ SUSE CVE CVE-2014-3470 page https://www.suse.com/security/cve/CVE-2014-3505/ SUSE CVE CVE-2014-3505 page https://www.suse.com/security/cve/CVE-2014-3506/ SUSE CVE CVE-2014-3506 page https://www.suse.com/security/cve/CVE-2014-3507/ SUSE CVE CVE-2014-3507 page https://www.suse.com/security/cve/CVE-2014-3508/ SUSE CVE CVE-2014-3508 page https://www.suse.com/security/cve/CVE-2014-3510/ SUSE CVE CVE-2014-3510 page https://www.suse.com/security/cve/CVE-2014-3566/ SUSE CVE CVE-2014-3566 page https://www.suse.com/security/cve/CVE-2014-3567/ SUSE CVE CVE-2014-3567 page https://www.suse.com/security/cve/CVE-2014-3568/ SUSE CVE CVE-2014-3568 page https://www.suse.com/security/cve/CVE-2014-3570/ SUSE CVE CVE-2014-3570 page https://www.suse.com/security/cve/CVE-2014-3571/ SUSE CVE CVE-2014-3571 page https://www.suse.com/security/cve/CVE-2014-3572/ SUSE CVE CVE-2014-3572 page https://www.suse.com/security/cve/CVE-2014-8275/ SUSE CVE CVE-2014-8275 page https://www.suse.com/security/cve/CVE-2015-0204/ SUSE CVE CVE-2015-0204 page https://www.suse.com/security/cve/CVE-2015-0205/ SUSE CVE CVE-2015-0205 page https://www.suse.com/security/cve/CVE-2015-0209/ SUSE CVE CVE-2015-0209 page https://www.suse.com/security/cve/CVE-2015-0286/ SUSE CVE CVE-2015-0286 page https://www.suse.com/security/cve/CVE-2015-0287/ SUSE CVE CVE-2015-0287 page https://www.suse.com/security/cve/CVE-2015-0288/ SUSE CVE CVE-2015-0288 page https://www.suse.com/security/cve/CVE-2015-0289/ SUSE CVE CVE-2015-0289 page https://www.suse.com/security/cve/CVE-2015-0292/ SUSE CVE CVE-2015-0292 page https://www.suse.com/security/cve/CVE-2015-0293/ SUSE CVE CVE-2015-0293 page https://www.suse.com/security/cve/CVE-2015-1788/ SUSE CVE CVE-2015-1788 page https://www.suse.com/security/cve/CVE-2015-1789/ SUSE CVE CVE-2015-1789 page https://www.suse.com/security/cve/CVE-2015-1790/ SUSE CVE CVE-2015-1790 page https://www.suse.com/security/cve/CVE-2015-1791/ SUSE CVE CVE-2015-1791 page https://www.suse.com/security/cve/CVE-2015-1792/ SUSE CVE CVE-2015-1792 page https://www.suse.com/security/cve/CVE-2015-3216/ SUSE CVE CVE-2015-3216 page https://www.suse.com/security/cve/CVE-2015-4000/ SUSE CVE CVE-2015-4000 page SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Manager 1.7 SUSE Studio Onsite 1.3 libopenssl-devel-0.9.8j-0.66.1 libopenssl0_9_8-0.9.8j-0.66.1 libopenssl0_9_8-32bit-0.9.8j-0.66.1 openssl-0.9.8j-0.66.1 libopenssl0_9_8-hmac-0.9.8j-0.66.1 libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 openssl-doc-0.9.8j-0.66.1 libopenssl0_9_8-x86-0.9.8j-0.66.1 libopenssl0_9_8-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 libopenssl0_9_8-32bit-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 openssl-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 libopenssl0_9_8-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopenssl0_9_8-32bit-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopenssl0_9_8-hmac-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopenssl0_9_8-x86-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server 11 SP3 openssl-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server 11 SP3 openssl-doc-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopenssl0_9_8-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libopenssl0_9_8-32bit-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libopenssl0_9_8-hmac-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libopenssl0_9_8-x86-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA openssl-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA openssl-doc-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libopenssl0_9_8-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libopenssl0_9_8-32bit-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libopenssl0_9_8-hmac-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libopenssl0_9_8-x86-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 openssl-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 openssl-doc-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libopenssl-devel-0.9.8j-0.66.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 libopenssl0_9_8-0.9.8j-0.66.1 as a component of SUSE Manager 1.7 libopenssl0_9_8-32bit-0.9.8j-0.66.1 as a component of SUSE Manager 1.7 libopenssl0_9_8-hmac-0.9.8j-0.66.1 as a component of SUSE Manager 1.7 libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 as a component of SUSE Manager 1.7 openssl-0.9.8j-0.66.1 as a component of SUSE Manager 1.7 openssl-doc-0.9.8j-0.66.1 as a component of SUSE Manager 1.7 libopenssl-devel-0.9.8j-0.66.1 as a component of SUSE Studio Onsite 1.3 DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none CVE-2009-5146 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2009-5146.html CVE-2009-5146 https://bugzilla.suse.com/915976 SUSE Bug 915976 https://bugzilla.suse.com/919648 SUSE Bug 919648 https://bugzilla.suse.com/922647 SUSE Bug 922647 The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack. CVE-2014-0076 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 low 1.9 AV:L/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2014-0076.html CVE-2014-0076 https://bugzilla.suse.com/869945 SUSE Bug 869945 https://bugzilla.suse.com/880891 SUSE Bug 880891 https://bugzilla.suse.com/883126 SUSE Bug 883126 https://bugzilla.suse.com/885777 SUSE Bug 885777 https://bugzilla.suse.com/905106 SUSE Bug 905106 The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake. CVE-2014-0221 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2014-0221.html CVE-2014-0221 https://bugzilla.suse.com/880891 SUSE Bug 880891 https://bugzilla.suse.com/883126 SUSE Bug 883126 https://bugzilla.suse.com/885777 SUSE Bug 885777 https://bugzilla.suse.com/905106 SUSE Bug 905106 https://bugzilla.suse.com/915913 SUSE Bug 915913 OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability. CVE-2014-0224 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 important 5.8 AV:N/AC:M/Au:N/C:P/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2014-0224.html CVE-2014-0224 https://bugzilla.suse.com/1146657 SUSE Bug 1146657 https://bugzilla.suse.com/880891 SUSE Bug 880891 https://bugzilla.suse.com/881743 SUSE Bug 881743 https://bugzilla.suse.com/883126 SUSE Bug 883126 https://bugzilla.suse.com/885777 SUSE Bug 885777 https://bugzilla.suse.com/892403 SUSE Bug 892403 https://bugzilla.suse.com/901237 SUSE Bug 901237 https://bugzilla.suse.com/903703 SUSE Bug 903703 https://bugzilla.suse.com/905018 SUSE Bug 905018 https://bugzilla.suse.com/905106 SUSE Bug 905106 https://bugzilla.suse.com/914447 SUSE Bug 914447 https://bugzilla.suse.com/915913 SUSE Bug 915913 https://bugzilla.suse.com/916239 SUSE Bug 916239 The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value. CVE-2014-3470 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2014-3470.html CVE-2014-3470 https://bugzilla.suse.com/880891 SUSE Bug 880891 https://bugzilla.suse.com/883126 SUSE Bug 883126 https://bugzilla.suse.com/885777 SUSE Bug 885777 https://bugzilla.suse.com/905106 SUSE Bug 905106 https://bugzilla.suse.com/915913 SUSE Bug 915913 Double free vulnerability in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (application crash) via crafted DTLS packets that trigger an error condition. CVE-2014-3505 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2014-3505.html CVE-2014-3505 https://bugzilla.suse.com/890759 SUSE Bug 890759 https://bugzilla.suse.com/890764 SUSE Bug 890764 https://bugzilla.suse.com/890767 SUSE Bug 890767 https://bugzilla.suse.com/905106 SUSE Bug 905106 d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values. CVE-2014-3506 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2014-3506.html CVE-2014-3506 https://bugzilla.suse.com/890759 SUSE Bug 890759 https://bugzilla.suse.com/890764 SUSE Bug 890764 https://bugzilla.suse.com/890768 SUSE Bug 890768 https://bugzilla.suse.com/905106 SUSE Bug 905106 Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function. CVE-2014-3507 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2014-3507.html CVE-2014-3507 https://bugzilla.suse.com/890759 SUSE Bug 890759 https://bugzilla.suse.com/890764 SUSE Bug 890764 https://bugzilla.suse.com/890769 SUSE Bug 890769 https://bugzilla.suse.com/905106 SUSE Bug 905106 The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline, X509_name_print_ex, and unspecified other functions. CVE-2014-3508 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 important 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2014-3508.html CVE-2014-3508 https://bugzilla.suse.com/890759 SUSE Bug 890759 https://bugzilla.suse.com/890764 SUSE Bug 890764 https://bugzilla.suse.com/905106 SUSE Bug 905106 https://bugzilla.suse.com/950708 SUSE Bug 950708 The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote DTLS servers to cause a denial of service (NULL pointer dereference and client application crash) via a crafted handshake message in conjunction with a (1) anonymous DH or (2) anonymous ECDH ciphersuite. CVE-2014-3510 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2014-3510.html CVE-2014-3510 https://bugzilla.suse.com/890759 SUSE Bug 890759 https://bugzilla.suse.com/890764 SUSE Bug 890764 https://bugzilla.suse.com/890770 SUSE Bug 890770 https://bugzilla.suse.com/905106 SUSE Bug 905106 The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. CVE-2014-3566 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 critical 5.8 AV:N/AC:M/Au:N/C:N/I:P/A:P 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2014-3566.html CVE-2014-3566 https://bugzilla.suse.com/1011293 SUSE Bug 1011293 https://bugzilla.suse.com/1031023 SUSE Bug 1031023 https://bugzilla.suse.com/901223 SUSE Bug 901223 https://bugzilla.suse.com/901254 SUSE Bug 901254 https://bugzilla.suse.com/901277 SUSE Bug 901277 https://bugzilla.suse.com/901748 SUSE Bug 901748 https://bugzilla.suse.com/901757 SUSE Bug 901757 https://bugzilla.suse.com/901759 SUSE Bug 901759 https://bugzilla.suse.com/901889 SUSE Bug 901889 https://bugzilla.suse.com/901968 SUSE Bug 901968 https://bugzilla.suse.com/902229 SUSE Bug 902229 https://bugzilla.suse.com/902233 SUSE Bug 902233 https://bugzilla.suse.com/902476 SUSE Bug 902476 https://bugzilla.suse.com/903405 SUSE Bug 903405 https://bugzilla.suse.com/903684 SUSE Bug 903684 https://bugzilla.suse.com/904889 SUSE Bug 904889 https://bugzilla.suse.com/905106 SUSE Bug 905106 https://bugzilla.suse.com/914041 SUSE Bug 914041 https://bugzilla.suse.com/994144 SUSE Bug 994144 Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure. CVE-2014-3567 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 important 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2014-3567.html CVE-2014-3567 https://bugzilla.suse.com/877506 SUSE Bug 877506 https://bugzilla.suse.com/901277 SUSE Bug 901277 https://bugzilla.suse.com/905106 SUSE Bug 905106 OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c. CVE-2014-3568 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2014-3568.html CVE-2014-3568 https://bugzilla.suse.com/901277 SUSE Bug 901277 https://bugzilla.suse.com/905106 SUSE Bug 905106 https://bugzilla.suse.com/911399 SUSE Bug 911399 https://bugzilla.suse.com/986238 SUSE Bug 986238 The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c. CVE-2014-3570 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2014-3570.html CVE-2014-3570 https://bugzilla.suse.com/912296 SUSE Bug 912296 https://bugzilla.suse.com/915848 SUSE Bug 915848 https://bugzilla.suse.com/927623 SUSE Bug 927623 https://bugzilla.suse.com/937891 SUSE Bug 937891 https://bugzilla.suse.com/944456 SUSE Bug 944456 OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c. CVE-2014-3571 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2014-3571.html CVE-2014-3571 https://bugzilla.suse.com/912294 SUSE Bug 912294 https://bugzilla.suse.com/915848 SUSE Bug 915848 https://bugzilla.suse.com/927623 SUSE Bug 927623 The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message. CVE-2014-3572 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2014-3572.html CVE-2014-3572 https://bugzilla.suse.com/912015 SUSE Bug 912015 https://bugzilla.suse.com/915848 SUSE Bug 915848 https://bugzilla.suse.com/927623 SUSE Bug 927623 https://bugzilla.suse.com/937891 SUSE Bug 937891 OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c. CVE-2014-8275 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2014-8275.html CVE-2014-8275 https://bugzilla.suse.com/912018 SUSE Bug 912018 https://bugzilla.suse.com/915848 SUSE Bug 915848 https://bugzilla.suse.com/927623 SUSE Bug 927623 https://bugzilla.suse.com/937891 SUSE Bug 937891 The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations. CVE-2015-0204 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2015-0204.html CVE-2015-0204 https://bugzilla.suse.com/912014 SUSE Bug 912014 https://bugzilla.suse.com/920482 SUSE Bug 920482 https://bugzilla.suse.com/920484 SUSE Bug 920484 https://bugzilla.suse.com/927591 SUSE Bug 927591 https://bugzilla.suse.com/927623 SUSE Bug 927623 https://bugzilla.suse.com/936787 SUSE Bug 936787 https://bugzilla.suse.com/952088 SUSE Bug 952088 The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support. CVE-2015-0205 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2015-0205.html CVE-2015-0205 https://bugzilla.suse.com/912293 SUSE Bug 912293 https://bugzilla.suse.com/915848 SUSE Bug 915848 https://bugzilla.suse.com/927623 SUSE Bug 927623 https://bugzilla.suse.com/937891 SUSE Bug 937891 Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import. CVE-2015-0209 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 critical 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2015-0209.html CVE-2015-0209 https://bugzilla.suse.com/912014 SUSE Bug 912014 https://bugzilla.suse.com/919648 SUSE Bug 919648 https://bugzilla.suse.com/936586 SUSE Bug 936586 https://bugzilla.suse.com/937891 SUSE Bug 937891 The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature. CVE-2015-0286 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 critical 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2015-0286.html CVE-2015-0286 https://bugzilla.suse.com/912014 SUSE Bug 912014 https://bugzilla.suse.com/919648 SUSE Bug 919648 https://bugzilla.suse.com/922496 SUSE Bug 922496 https://bugzilla.suse.com/936586 SUSE Bug 936586 https://bugzilla.suse.com/937891 SUSE Bug 937891 https://bugzilla.suse.com/951391 SUSE Bug 951391 The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse. CVE-2015-0287 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 critical 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2015-0287.html CVE-2015-0287 https://bugzilla.suse.com/912014 SUSE Bug 912014 https://bugzilla.suse.com/919648 SUSE Bug 919648 https://bugzilla.suse.com/922499 SUSE Bug 922499 https://bugzilla.suse.com/936586 SUSE Bug 936586 https://bugzilla.suse.com/937891 SUSE Bug 937891 https://bugzilla.suse.com/968888 SUSE Bug 968888 https://bugzilla.suse.com/991722 SUSE Bug 991722 The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid certificate key. CVE-2015-0288 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 critical 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2015-0288.html CVE-2015-0288 https://bugzilla.suse.com/912014 SUSE Bug 912014 https://bugzilla.suse.com/919648 SUSE Bug 919648 https://bugzilla.suse.com/920236 SUSE Bug 920236 https://bugzilla.suse.com/936586 SUSE Bug 936586 https://bugzilla.suse.com/937891 SUSE Bug 937891 https://bugzilla.suse.com/951391 SUSE Bug 951391 The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c. CVE-2015-0289 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 critical 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2015-0289.html CVE-2015-0289 https://bugzilla.suse.com/912014 SUSE Bug 912014 https://bugzilla.suse.com/919648 SUSE Bug 919648 https://bugzilla.suse.com/922500 SUSE Bug 922500 https://bugzilla.suse.com/936586 SUSE Bug 936586 https://bugzilla.suse.com/937891 SUSE Bug 937891 Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted base64 data that triggers a buffer overflow. CVE-2015-0292 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 critical 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2015-0292.html CVE-2015-0292 https://bugzilla.suse.com/912014 SUSE Bug 912014 https://bugzilla.suse.com/919648 SUSE Bug 919648 https://bugzilla.suse.com/922501 SUSE Bug 922501 https://bugzilla.suse.com/936586 SUSE Bug 936586 The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message. CVE-2015-0293 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 critical 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2015-0293.html CVE-2015-0293 https://bugzilla.suse.com/912014 SUSE Bug 912014 https://bugzilla.suse.com/919648 SUSE Bug 919648 https://bugzilla.suse.com/922488 SUSE Bug 922488 https://bugzilla.suse.com/936586 SUSE Bug 936586 https://bugzilla.suse.com/968044 SUSE Bug 968044 https://bugzilla.suse.com/968051 SUSE Bug 968051 https://bugzilla.suse.com/968053 SUSE Bug 968053 https://bugzilla.suse.com/986238 SUSE Bug 986238 The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication. CVE-2015-1788 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2015-1788.html CVE-2015-1788 https://bugzilla.suse.com/934487 SUSE Bug 934487 https://bugzilla.suse.com/934666 SUSE Bug 934666 https://bugzilla.suse.com/936586 SUSE Bug 936586 https://bugzilla.suse.com/937891 SUSE Bug 937891 https://bugzilla.suse.com/938432 SUSE Bug 938432 The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback. CVE-2015-1789 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2015-1789.html CVE-2015-1789 https://bugzilla.suse.com/934489 SUSE Bug 934489 https://bugzilla.suse.com/934666 SUSE Bug 934666 https://bugzilla.suse.com/936586 SUSE Bug 936586 https://bugzilla.suse.com/937891 SUSE Bug 937891 https://bugzilla.suse.com/938432 SUSE Bug 938432 https://bugzilla.suse.com/951391 SUSE Bug 951391 The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data. CVE-2015-1790 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2015-1790.html CVE-2015-1790 https://bugzilla.suse.com/934491 SUSE Bug 934491 https://bugzilla.suse.com/934666 SUSE Bug 934666 https://bugzilla.suse.com/936586 SUSE Bug 936586 https://bugzilla.suse.com/938432 SUSE Bug 938432 Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact by providing a NewSessionTicket during an attempt to reuse a ticket that had been obtained earlier. CVE-2015-1791 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2015-1791.html CVE-2015-1791 https://bugzilla.suse.com/933911 SUSE Bug 933911 https://bugzilla.suse.com/934666 SUSE Bug 934666 https://bugzilla.suse.com/986238 SUSE Bug 986238 https://bugzilla.suse.com/989464 SUSE Bug 989464 The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function. CVE-2015-1792 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2015-1792.html CVE-2015-1792 https://bugzilla.suse.com/934493 SUSE Bug 934493 https://bugzilla.suse.com/934666 SUSE Bug 934666 https://bugzilla.suse.com/937891 SUSE Bug 937891 https://bugzilla.suse.com/986238 SUSE Bug 986238 Race condition in a certain Red Hat patch to the PRNG lock implementation in the ssleay_rand_bytes function in OpenSSL, as distributed in openssl-1.0.1e-25.el7 in Red Hat Enterprise Linux (RHEL) 7 and other products, allows remote attackers to cause a denial of service (application crash) by establishing many TLS sessions to a multithreaded server, leading to use of a negative value for a certain length field. CVE-2015-3216 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2015-3216.html CVE-2015-3216 https://bugzilla.suse.com/933898 SUSE Bug 933898 The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. CVE-2015-4000 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Desktop 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libopenssl0_9_8-x86-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-0.9.8j-0.66.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssl-doc-0.9.8j-0.66.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libopenssl-devel-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-0.9.8j-0.66.1 SUSE Manager 1.7:libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-0.9.8j-0.66.1 SUSE Manager 1.7:openssl-doc-0.9.8j-0.66.1 SUSE Studio Onsite 1.3:libopenssl-devel-0.9.8j-0.66.1 important 7.3 AV:N/AC:H/Au:N/C:C/I:C/A:P 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150545-2/ https://www.suse.com/security/cve/CVE-2015-4000.html CVE-2015-4000 https://bugzilla.suse.com/1074631 SUSE Bug 1074631 https://bugzilla.suse.com/1211968 SUSE Bug 1211968 https://bugzilla.suse.com/931600 SUSE Bug 931600 https://bugzilla.suse.com/931698 SUSE Bug 931698 https://bugzilla.suse.com/931723 SUSE Bug 931723 https://bugzilla.suse.com/931845 SUSE Bug 931845 https://bugzilla.suse.com/932026 SUSE Bug 932026 https://bugzilla.suse.com/932483 SUSE Bug 932483 https://bugzilla.suse.com/934789 SUSE Bug 934789 https://bugzilla.suse.com/935033 SUSE Bug 935033 https://bugzilla.suse.com/935540 SUSE Bug 935540 https://bugzilla.suse.com/935979 SUSE Bug 935979 https://bugzilla.suse.com/937202 SUSE Bug 937202 https://bugzilla.suse.com/937766 SUSE Bug 937766 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938432 SUSE Bug 938432 https://bugzilla.suse.com/938895 SUSE Bug 938895 https://bugzilla.suse.com/938905 SUSE Bug 938905 https://bugzilla.suse.com/938906 SUSE Bug 938906 https://bugzilla.suse.com/938913 SUSE Bug 938913 https://bugzilla.suse.com/938945 SUSE Bug 938945 https://bugzilla.suse.com/943664 SUSE Bug 943664 https://bugzilla.suse.com/944729 SUSE Bug 944729 https://bugzilla.suse.com/945582 SUSE Bug 945582 https://bugzilla.suse.com/955589 SUSE Bug 955589 https://bugzilla.suse.com/980406 SUSE Bug 980406 https://bugzilla.suse.com/990592 SUSE Bug 990592 https://bugzilla.suse.com/994144 SUSE Bug 994144