SUSE-OU-2014:0566-1: Optional update for postfix-openssl1

sle-updates at lists.suse.com sle-updates at lists.suse.com
Thu Apr 24 15:04:10 MDT 2014 

   SUSE Optional Update: Optional update for postfix-openssl1
______________________________________________________________________________

Announcement ID:    SUSE-OU-2014:0566-1
Rating:             low
References:         #864912 #874744 #874746 
Affected Products:
                    SUSE Linux Enterprise Security Module 11 SP3
______________________________________________________________________________

   An update that has three optional fixes can now be
   installed.

Description:


   This update provides an optional Postfix Mail Server
   package built against  OpenSSL 1.0 that allows the use of
   TLS 1.2 for both sending and receiving  e-mails.

   The set of RPMs is named "postfix-openssl1" (and
   sub-packages).

   The package is in the same source level as the regular
   "postfix" from SUSE  Linux Enterprise and consequently uses
   and supports the same configuration  parameters.

   Postfix-openssl1 requires the usage of OpenSSL1.0-enabled
   versions of  openldap2 and cyrus-sasl libraries.

   If other libraries are used by your Postfix installation
   that indirectly  require OpenSSL 0.9.x, this setup might
   not always work. It is strongly  recommended to do
   integration tests before deploying the packages in a
   production environment.

   To switch from Postfix with OpenSSL 0.9.x to OpenSSL 1.0:

   * Backup the Postfix configuration files.
   * Run: "zypper in postfix-openssl1" o Zypper will
   report conflicts with postfix (and potentially with
   -mysql, -postgresql and -doc sub-packages). o
   As conflict resolution chose to migrate to postfix-openssl1
   flavoured packages and uninstall the old postfix.
   * Restore the configuration files (they have also been
   saved as .rpmsave files).
   * Start postfix and verify that all features work.

Indications:

   Update for an optional TLS 1.2 enabled Postfix.

Patch Instructions:

   To install this SUSE Optional Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Security Module 11 SP3:

      zypper in -t patch secsp3-postfix-openssl1-9158

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Security Module 11 SP3 (i586 ia64 ppc64 s390x x86_64):

      postfix-openssl1-2.9.4-0.19.1
      postfix-openssl1-devel-2.9.4-0.19.1
      postfix-openssl1-doc-2.9.4-0.19.1
      postfix-openssl1-mysql-2.9.4-0.19.1
      postfix-openssl1-postgresql-2.9.4-0.19.1


References:

   https://bugzilla.novell.com/864912
   https://bugzilla.novell.com/874744
   https://bugzilla.novell.com/874746
   http://download.suse.com/patch/finder/?keywords=fdae3d486e2bc75924b4571b08a72780

More information about the sle-updates mailing list