This OpenSSL update fixes the following issues:
* Build option no-ssl3 is incomplete (CVE-2014-3568)
* Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE)
Security Issues:
* CVE-2014-3566
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566</a>>
* CVE-2014-3568
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568</a>>
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
SLE CLIENT TOOLS | 10 | x86_64 | openssl-32bit | < 0.9.8a-18.86.2 | openssl-32bit-0.9.8a-18.86.2.x86_64.rpm |
SLE CLIENT TOOLS | 10 | s390x | openssl | < 0.9.8a-18.86.2 | openssl-0.9.8a-18.86.2.s390x.rpm |
SLE CLIENT TOOLS | 10 | i586 | openssl | < 0.9.8a-18.86.2 | openssl-0.9.8a-18.86.2.i586.rpm |
SLE CLIENT TOOLS | 10 | x86_64 | openssl | < 0.9.8a-18.86.2 | openssl-0.9.8a-18.86.2.x86_64.rpm |
SLE CLIENT TOOLS | 10 | s390x | openssl-32bit | < 0.9.8a-18.86.2 | openssl-32bit-0.9.8a-18.86.2.s390x.rpm |