Izdana je nadogradnja za paket openssl-certs koja uključuje najnovije izvorne SSL certifikate koje je Mozilla označila kao sigurne.
Paket:
openssl-certs 0.x
Operacijski sustavi:
SUSE Linux Enterprise Desktop 10, SUSE Linux Enterprise Desktop 11, SUSE Linux Enterprise Server (SLES) 10, SUSE Linux Enterprise Server (SLES) 11
Problem:
neodgovarajuće rukovanje datotekama
Iskorištavanje:
lokalno/udaljeno
Posljedica:
izmjena podataka
Rješenje:
programska zakrpa proizvođača
Izvorni ID preporuke:
SUSE-SU-2011:0995-1
Izvor:
SUSE
Problem:
Certifikacijsko tijelo DigiNotar Certificate Authority sigurnosno je kompromitirano. Navedeni problem uočen je na temelju neispravnog SSL certifikata kojeg je objavilo spomenuto tijelo.
Posljedica:
Posljedica uočenog propusta je bila mogućnost zlouporabe nekolicine krivotvorenih certifikata.
Rješenje:
Korisnicima se savjetuje da nadograde svoje pakete.
SUSE Security Update: Security update for openssl-certs
______________________________________________________________________________
Announcement ID: SUSE-SU-2011:0995-1
Rating: important
References: #714931
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Server 10 SP3
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This updates includes the latest SSL root certificates
trusted by Mozilla as of 2011-08-31. This includes
removing the DigiNotar CA.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-openssl-certs-5085
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-openssl-certs-5085
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-openssl-certs-5085
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (noarch):
openssl-certs-0.9.8h-27.3.1
- SUSE Linux Enterprise Server 11 SP1 (noarch):
openssl-certs-0.9.8h-27.3.1
- SUSE Linux Enterprise Server 10 SP4 (noarch):
openssl-certs-0.8.0-0.10.1
- SUSE Linux Enterprise Server 10 SP3 (noarch):
openssl-certs-0.8.0-0.7.9.1
- SUSE Linux Enterprise Desktop 11 SP1 (noarch):
openssl-certs-0.9.8h-27.3.1
- SUSE Linux Enterprise Desktop 10 SP4 (noarch):
openssl-certs-0.8.0-0.10.1
References:
https://bugzilla.novell.com/714931
http://download.novell.com/patch/finder/?keywords=0581e710596e667a5784286e9dcc328e
http://download.novell.com/patch/finder/?keywords=36816e61441e07231a83a532c15c8fa6
http://download.novell.com/patch/finder/?keywords=f60a9df4917307322c4da2d92b284752
--
To unsubscribe, e-mail: Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
For additional commands, e-mail: Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
Posljednje sigurnosne preporuke