SUSE-OU-2016:1867-1: Security update for stunnel

sle-updates at lists.suse.com sle-updates at lists.suse.com
Mon Jul 25 07:09:33 MDT 2016


   SUSE Optional Update: Security update for stunnel
______________________________________________________________________________

Announcement ID:    SUSE-OU-2016:1867-1
Rating:             low
References:         #961377 #987861 
Affected Products:
                    SUSE Linux Enterprise Server 11-SP4
                    SUSE Linux Enterprise Server 11-SECURITY
                    SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________

   An update that has two optional fixes can now be installed.

Description:


   This update provides a stunnel-openssl1 package which is built against
   openssl1 to provide TLS 1.2 support. (FATE#320187 bsc#961377 FATE#319972
    bsc#987861)

   The stunnel-openssl1 package can be installed additionally to the stunnel
   package.

   The upate-alternatives method can be used to select either the openssl0
   or openssl1 build, default is the openssl1 build.

   To show what is selected: update-alternatives --display stunnel

   To switch switch use:

           update-alternatives --set stunnel /usr/sbin/stunnel.openssl0

           update-alternatives --set stunnel /usr/sbin/stunnel.openssl1

   or to change back to automatic handling use:

           update-alternatives --auto stunnel

   Also the ECDHE default elliptic curve was changed to the prime256v1 curve.


Patch Instructions:

   To install this SUSE Optional Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11-SP4:

      zypper in -t patch slessp4-stunnel-openssl1-12663=1

   - SUSE Linux Enterprise Server 11-SECURITY:

      zypper in -t patch secsp3-stunnel-openssl1-12663=1

   - SUSE Linux Enterprise Debuginfo 11-SP4:

      zypper in -t patch dbgsp4-stunnel-openssl1-12663=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):

      stunnel-4.54-0.11.1

   - SUSE Linux Enterprise Server 11-SECURITY (i586 ia64 ppc64 s390x x86_64):

      stunnel-openssl1-4.54-0.11.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):

      stunnel-debuginfo-4.54-0.11.1
      stunnel-debugsource-4.54-0.11.1


References:

   https://bugzilla.suse.com/961377
   https://bugzilla.suse.com/987861



More information about the sle-updates mailing list