Detections
Analytics
openSUSE Security Update : apache2-mod_nss (openSUSE-SU-2014:0979-1)
medium Nessus Plugin ID 77132
Language:
Synopsis
The remote openSUSE host is missing a security update.Description
apache2-mod_nss is alternative yet not exclusive to mod_nss. This update introduces Server Name Indication support to mod_nss, which was not available previously. In addition to SNI, GCM ciphers have been added to the cipher list of mod_nss. A bug was corrected that prevented the entry of the certificate store passphrase if such a passphrase was set. Please note that the configuration presets were slightly changed so that the new ciphers are preferred (NSSCipherSuite directive), and the VirtualHost directive is now contained in /etc/apache2/vhosts.d/vhost-nss.templace (not used by apache because not named *.conf).Solution
Update the affected apache2-mod_nss packages.See Also
https://bugzilla.novell.com/show_bug.cgi?id=859439
https://bugzilla.novell.com/show_bug.cgi?id=863518
https://bugzilla.novell.com/show_bug.cgi?id=878681
https://lists.opensuse.org/opensuse-updates/2014-08/msg00010.html
Plugin Details
Severity: Medium
ID: 77132
File Name: openSUSE-2014-488.nasl
Version: 1.5
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 8/12/2014
Updated: 1/19/2021
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus
Vulnerability Information
CPE: p-cpe:/a:novell:opensuse:apache2-mod_nss, p-cpe:/a:novell:opensuse:apache2-mod_nss-debuginfo, p-cpe:/a:novell:opensuse:apache2-mod_nss-debugsource, cpe:/o:novell:opensuse:13.1
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Patch Publication Date: 7/30/2014