This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update disables compression in openssl by default, as the varying
sizes resulting from compression can be used to retrieve plaintext in
various cases. (CRIME attack CVE-2012-4929).
This update introduces a environment variable OPENSSL_NO_DEFAULT_ZLIB
which can be set to 'no' to reenable compression in selected services.
See also :
Update the affected openssl packages.
Risk factor :
Low / CVSS Base Score : 2.6