SUSE-OU-2014:0565-1: Optional OpenSSL 1.0 Libraries

sle-updates at sle-updates at
Thu Apr 24 12:04:12 MDT 2014

   SUSE Optional Update: Optional OpenSSL 1.0 Libraries

Announcement ID:    SUSE-OU-2014:0565-1
Rating:             low
References:         #860332 #861014 #864912 #869945 #872299 #873351 
Affected Products:
                    SUSE Linux Enterprise Security Module 11 SP3

   An update that has 6 optional fixes can now be installed.


   This update provides OpenSSL version 1.0.1g, delivered as
   an additional  library version that can coexist with the
   original OpenSSL 0.9.8j from SUSE  Linux Enterprise 11.

   OpenSSL 1.0 brings modern features such as:

   * TLS 1.2 support
   * AES-GCM cipher support

   Installing these packages will only make the library
   available on the  system. All current programs will still
   be using OpenSSL 0.9.8j. You can  however use this library
   to build and link your own programs.

   We will also release parallel software versions that will
   benefit from  OpenSSL 1.0, currently planned is the Postfix
   Mail Server package.

   For development, install the "libopenssl1-devel" package
   instead of  "libopenssl-devel".

   The library version shipped in this update already includes
   the upstream  fix for the "HeartBleed" issue

   Additionally, the update fixes a use-after-free issue in
   SSL buffer  handling (CVE-2010-5298).


   Install if you want to use or build software against OpenSSL 1.0.

Patch Instructions:

   To install this SUSE Optional Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Security Module 11 SP3:

      zypper in -t patch secsp3-libopenssl1-devel-9134

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Security Module 11 SP3 (i586 ia64 ppc64 s390x x86_64):


   - SUSE Linux Enterprise Security Module 11 SP3 (ppc64 s390x x86_64):


   - SUSE Linux Enterprise Security Module 11 SP3 (ia64):



More information about the sle-updates mailing list