Recommended update for openldap2 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2015:1482-1 Final 1 1 2015-07-29T15:08:23Z current 2015-07-29T15:08:23Z 2015-07-29T15:08:23Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Recommended update for openldap2 openldap2 was updated to fix one security issue. This security issue was fixed: - CVE-2015-4000: The Logjam Attack / weakdh.org (bsc#937766). This non-security issue was fixed: - bsc#932773: ldapmodify failed with DOS format LDIF files containing '-' separator. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sdksp3-openldap2-12068,sdksp4-openldap2-12068,secsp3-openldap2-12068,sledsp3-openldap2-12068,sledsp4-openldap2-12068,slessp3-openldap2-12068,slessp4-openldap2-12068 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2015/suse-su-20151482-1/ Link for SUSE-SU-2015:1482-1 https://lists.suse.com/pipermail/sle-security-updates/2015-September/001568.html E-Mail link for SUSE-SU-2015:1482-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/924496 SUSE Bug 924496 https://bugzilla.suse.com/932773 SUSE Bug 932773 https://bugzilla.suse.com/937766 SUSE Bug 937766 https://www.suse.com/security/cve/CVE-2015-4000/ SUSE CVE CVE-2015-4000 page SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server for SAP Applications 11 SP3 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 openldap2-2.4.26-0.35.1 openldap2-back-perl-2.4.26-0.35.1 openldap2-devel-2.4.26-0.35.1 openldap2-devel-32bit-2.4.26-0.35.1 libldap-openssl1-2_4-2-2.4.26-0.35.1 libldap-openssl1-2_4-2-32bit-2.4.26-0.35.1 libldap-openssl1-2_4-2-x86-2.4.26-0.35.1 libldap-2_4-2-2.4.26-0.35.1 libldap-2_4-2-32bit-2.4.26-0.35.1 openldap2-client-2.4.26-0.35.1 compat-libldap-2_3-0-2.3.37-2.35.1 libldap-2_4-2-x86-2.4.26-0.35.1 openldap2-back-meta-2.4.26-0.35.1 libldap-2_4-2-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 libldap-2_4-2-32bit-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 openldap2-client-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 libldap-2_4-2-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 libldap-2_4-2-32bit-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 openldap2-client-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 compat-libldap-2_3-0-2.3.37-2.35.1 as a component of SUSE Linux Enterprise Server 11 SP3 libldap-2_4-2-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP3 libldap-2_4-2-32bit-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP3 libldap-2_4-2-x86-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP3 openldap2-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP3 openldap2-back-meta-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP3 openldap2-client-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP3 compat-libldap-2_3-0-2.3.37-2.35.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libldap-2_4-2-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libldap-2_4-2-32bit-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libldap-2_4-2-x86-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA openldap2-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA openldap2-back-meta-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA openldap2-client-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA compat-libldap-2_3-0-2.3.37-2.35.1 as a component of SUSE Linux Enterprise Server 11 SP4 libldap-2_4-2-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP4 libldap-2_4-2-32bit-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP4 libldap-2_4-2-x86-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP4 openldap2-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP4 openldap2-back-meta-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP4 openldap2-client-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11 SP4 libldap-openssl1-2_4-2-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11-SECURITY libldap-openssl1-2_4-2-32bit-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11-SECURITY libldap-openssl1-2_4-2-x86-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server 11-SECURITY compat-libldap-2_3-0-2.3.37-2.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libldap-2_4-2-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libldap-2_4-2-32bit-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libldap-2_4-2-x86-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 openldap2-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 openldap2-back-meta-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 openldap2-client-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 compat-libldap-2_3-0-2.3.37-2.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libldap-2_4-2-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libldap-2_4-2-32bit-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libldap-2_4-2-x86-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 openldap2-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 openldap2-back-meta-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 openldap2-client-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 openldap2-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 openldap2-back-perl-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 openldap2-devel-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 openldap2-devel-32bit-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 openldap2-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 openldap2-back-perl-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 openldap2-devel-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 openldap2-devel-32bit-2.4.26-0.35.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. CVE-2015-4000 SUSE Linux Enterprise Desktop 11 SP3:libldap-2_4-2-2.4.26-0.35.1 SUSE Linux Enterprise Desktop 11 SP3:libldap-2_4-2-32bit-2.4.26-0.35.1 SUSE Linux Enterprise Desktop 11 SP3:openldap2-client-2.4.26-0.35.1 SUSE Linux Enterprise Desktop 11 SP4:libldap-2_4-2-2.4.26-0.35.1 SUSE Linux Enterprise Desktop 11 SP4:libldap-2_4-2-32bit-2.4.26-0.35.1 SUSE Linux Enterprise Desktop 11 SP4:openldap2-client-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:compat-libldap-2_3-0-2.3.37-2.35.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libldap-2_4-2-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libldap-2_4-2-32bit-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libldap-2_4-2-x86-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openldap2-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openldap2-back-meta-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openldap2-client-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP3:compat-libldap-2_3-0-2.3.37-2.35.1 SUSE Linux Enterprise Server 11 SP3:libldap-2_4-2-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP3:libldap-2_4-2-32bit-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP3:libldap-2_4-2-x86-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP3:openldap2-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP3:openldap2-back-meta-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP3:openldap2-client-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP4:compat-libldap-2_3-0-2.3.37-2.35.1 SUSE Linux Enterprise Server 11 SP4:libldap-2_4-2-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP4:libldap-2_4-2-32bit-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP4:libldap-2_4-2-x86-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP4:openldap2-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP4:openldap2-back-meta-2.4.26-0.35.1 SUSE Linux Enterprise Server 11 SP4:openldap2-client-2.4.26-0.35.1 SUSE Linux Enterprise Server 11-SECURITY:libldap-openssl1-2_4-2-2.4.26-0.35.1 SUSE Linux Enterprise Server 11-SECURITY:libldap-openssl1-2_4-2-32bit-2.4.26-0.35.1 SUSE Linux Enterprise Server 11-SECURITY:libldap-openssl1-2_4-2-x86-2.4.26-0.35.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:compat-libldap-2_3-0-2.3.37-2.35.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libldap-2_4-2-2.4.26-0.35.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libldap-2_4-2-32bit-2.4.26-0.35.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libldap-2_4-2-x86-2.4.26-0.35.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openldap2-2.4.26-0.35.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openldap2-back-meta-2.4.26-0.35.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openldap2-client-2.4.26-0.35.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-libldap-2_3-0-2.3.37-2.35.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libldap-2_4-2-2.4.26-0.35.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libldap-2_4-2-32bit-2.4.26-0.35.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libldap-2_4-2-x86-2.4.26-0.35.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:openldap2-2.4.26-0.35.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:openldap2-back-meta-2.4.26-0.35.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:openldap2-client-2.4.26-0.35.1 SUSE Linux Enterprise Software Development Kit 11 SP3:openldap2-2.4.26-0.35.1 SUSE Linux Enterprise Software Development Kit 11 SP3:openldap2-back-perl-2.4.26-0.35.1 SUSE Linux Enterprise Software Development Kit 11 SP3:openldap2-devel-2.4.26-0.35.1 SUSE Linux Enterprise Software Development Kit 11 SP3:openldap2-devel-32bit-2.4.26-0.35.1 SUSE Linux Enterprise Software Development Kit 11 SP4:openldap2-2.4.26-0.35.1 SUSE Linux Enterprise Software Development Kit 11 SP4:openldap2-back-perl-2.4.26-0.35.1 SUSE Linux Enterprise Software Development Kit 11 SP4:openldap2-devel-2.4.26-0.35.1 SUSE Linux Enterprise Software Development Kit 11 SP4:openldap2-devel-32bit-2.4.26-0.35.1 important 7.3 AV:N/AC:H/Au:N/C:C/I:C/A:P 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151482-1/ https://www.suse.com/security/cve/CVE-2015-4000.html CVE-2015-4000 https://bugzilla.suse.com/1074631 SUSE Bug 1074631 https://bugzilla.suse.com/1211968 SUSE Bug 1211968 https://bugzilla.suse.com/931600 SUSE Bug 931600 https://bugzilla.suse.com/931698 SUSE Bug 931698 https://bugzilla.suse.com/931723 SUSE Bug 931723 https://bugzilla.suse.com/931845 SUSE Bug 931845 https://bugzilla.suse.com/932026 SUSE Bug 932026 https://bugzilla.suse.com/932483 SUSE Bug 932483 https://bugzilla.suse.com/934789 SUSE Bug 934789 https://bugzilla.suse.com/935033 SUSE Bug 935033 https://bugzilla.suse.com/935540 SUSE Bug 935540 https://bugzilla.suse.com/935979 SUSE Bug 935979 https://bugzilla.suse.com/937202 SUSE Bug 937202 https://bugzilla.suse.com/937766 SUSE Bug 937766 https://bugzilla.suse.com/938248 SUSE Bug 938248 https://bugzilla.suse.com/938432 SUSE Bug 938432 https://bugzilla.suse.com/938895 SUSE Bug 938895 https://bugzilla.suse.com/938905 SUSE Bug 938905 https://bugzilla.suse.com/938906 SUSE Bug 938906 https://bugzilla.suse.com/938913 SUSE Bug 938913 https://bugzilla.suse.com/938945 SUSE Bug 938945 https://bugzilla.suse.com/943664 SUSE Bug 943664 https://bugzilla.suse.com/944729 SUSE Bug 944729 https://bugzilla.suse.com/945582 SUSE Bug 945582 https://bugzilla.suse.com/955589 SUSE Bug 955589 https://bugzilla.suse.com/980406 SUSE Bug 980406 https://bugzilla.suse.com/990592 SUSE Bug 990592 https://bugzilla.suse.com/994144 SUSE Bug 994144