SuSE 11.2 / 11.3 Security Update : openssl-certs (SAT Patch Numbers 8681 / 8682)

high Nessus Plugin ID 71836

Synopsis

The remote SuSE 11 host is missing a security update.

Description

openssl-certs was updated with the current certificate data available from mozilla.org.

Changes :

- Updated certificates to revision 1.95 Distrust a sub-ca that issued google.com certificates. 'Distrusted AC DG Tresor SSL'. (bnc#854367)

Many CA updates from Mozilla :

- new:
CA_Disig_Root_R1:2.9.0.195.3.154.238.80.144.110.40.crt server auth, code signing, email signing

- new:
CA_Disig_Root_R2:2.9.0.146.184.136.219.176.138.193.99.cr t server auth, code signing, email signing

- new:
China_Internet_Network_Information_Center_EV_Certificate s_Root:2.4.72.159.0.1.crt server auth

- changed:
Digital_Signature_Trust_Co._Global_CA_1:2.4.54.112.21.15 0.crt removed code signing and server auth abilities

- changed:
Digital_Signature_Trust_Co._Global_CA_3:2.4.54.110.211.2 06.crt removed code signing and server auth abilities

- new: D-TRUST_Root_Class_3_CA_2_2009:2.3.9.131.243.crt server auth

- new: D-TRUST_Root_Class_3_CA_2_EV_2009:2.3.9.131.244.crt server auth

- removed:
Entrust.net_Premium_2048_Secure_Server_CA:2.4.56.99.185.
102.crt

- new:
Entrust.net_Premium_2048_Secure_Server_CA:2.4.56.99.222.
248.crt

- removed:
Equifax_Secure_eBusiness_CA_2:2.4.55.112.207.181.crt

- new: PSCProcert:2.1.11.crt server auth, code signing, email signing

- new:
Swisscom_Root_CA_2:2.16.30.158.40.232.72.242.229.239.195 .124.74.30.90.24.103.182.crt server auth, code signing, email signing

- new:
Swisscom_Root_EV_CA_2:2.17.0.242.250.100.226.116.99.211.
141.253.16.29.4.31.118.202.88.crt server auth, code signing

- changed:
TC_TrustCenter_Universal_CA_III:2.14.99.37.0.1.0.2.20.14 1.51.21.2.228.108.244.crt removed all abilities

- new:
TURKTRUST_Certificate_Services_Provider_Root_2007:2.1.1.
crt server auth, code signing

- changed: TWCA_Root_Certification_Authority:2.1.1.crt added code signing ability

- new 'EE Certification Centre Root CA'

- new 'T-TeleSec GlobalRoot Class 3'

- revoke mis-issued intermediate CAs from TURKTRUST.

Solution

Apply SAT patch number 8681 / 8682 as appropriate.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=796628

https://bugzilla.novell.com/show_bug.cgi?id=854367

Plugin Details

Severity: High

ID: 71836

File Name: suse_11_openssl-certs-131218.nasl

Version: 1.3

Type: local

Agent: unix

Published: 1/7/2014

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:openssl-certs, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 12/18/2013