Описание
Security update for slrn
This update for slrn contains one security improvement:
- CVE-2014-3566: Disable SSLv3 to prevent POODLE attack (boo#1031023)
The version 1.0.3 also contains a number of display and message processing improvements.
Список пакетов
openSUSE Leap 42.1
slrn-1.0.3-4.3.1
slrn-lang-1.0.3-4.3.1
openSUSE Leap 42.2
slrn-1.0.3-4.3.1
slrn-lang-1.0.3-4.3.1
Ссылки
- E-Mail link for openSUSE-SU-2017:0980-1
- SUSE Security Ratings
Описание
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
Затронутые продукты
openSUSE Leap 42.1:slrn-1.0.3-4.3.1
openSUSE Leap 42.1:slrn-lang-1.0.3-4.3.1
openSUSE Leap 42.2:slrn-1.0.3-4.3.1
openSUSE Leap 42.2:slrn-lang-1.0.3-4.3.1
Ссылки
- CVE-2014-3566
- SUSE Bug 1011293
- SUSE Bug 1031023
- SUSE Bug 901223
- SUSE Bug 901254
- SUSE Bug 901277
- SUSE Bug 901748
- SUSE Bug 901757
- SUSE Bug 901759
- SUSE Bug 901889
- SUSE Bug 901968
- SUSE Bug 902229
- SUSE Bug 902476
- SUSE Bug 902912
- SUSE Bug 903405
- SUSE Bug 903684
- SUSE Bug 903690
- SUSE Bug 903692
- SUSE Bug 904889
- SUSE Bug 905106