This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update to mbedtls 1.3.16 fixes the following security issues :
- CVE-2015-7575: Disables by default MD5 handshake
signatures in TLS 1.2 to prevent the SLOTH attack on TLS
1.2 server authentication (boo#961284)
- boo#961290: potential double free during certificate
See also :
Update the affected mbedtls packages.
Risk factor :
Medium / CVSS Base Score : 4.3