SUSE-OU-2016:1867-1: Security update for stunnel
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Mon Jul 25 07:09:33 MDT 2016
SUSE Optional Update: Security update for stunnel
______________________________________________________________________________
Announcement ID: SUSE-OU-2016:1867-1
Rating: low
References: #961377 #987861
Affected Products:
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Server 11-SECURITY
SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________
An update that has two optional fixes can now be installed.
Description:
This update provides a stunnel-openssl1 package which is built against
openssl1 to provide TLS 1.2 support. (FATE#320187 bsc#961377 FATE#319972
bsc#987861)
The stunnel-openssl1 package can be installed additionally to the stunnel
package.
The upate-alternatives method can be used to select either the openssl0
or openssl1 build, default is the openssl1 build.
To show what is selected: update-alternatives --display stunnel
To switch switch use:
update-alternatives --set stunnel /usr/sbin/stunnel.openssl0
update-alternatives --set stunnel /usr/sbin/stunnel.openssl1
or to change back to automatic handling use:
update-alternatives --auto stunnel
Also the ECDHE default elliptic curve was changed to the prime256v1 curve.
Patch Instructions:
To install this SUSE Optional Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11-SP4:
zypper in -t patch slessp4-stunnel-openssl1-12663=1
- SUSE Linux Enterprise Server 11-SECURITY:
zypper in -t patch secsp3-stunnel-openssl1-12663=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-stunnel-openssl1-12663=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):
stunnel-4.54-0.11.1
- SUSE Linux Enterprise Server 11-SECURITY (i586 ia64 ppc64 s390x x86_64):
stunnel-openssl1-4.54-0.11.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):
stunnel-debuginfo-4.54-0.11.1
stunnel-debugsource-4.54-0.11.1
References:
https://bugzilla.suse.com/961377
https://bugzilla.suse.com/987861
More information about the sle-updates
mailing list