openSUSE Security Update : libtcnative-1-0 (openSUSE-2016-1375)

medium Nessus Plugin ID 95530

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for libtcnative-1-0 fixes the following issues :

- Upgrade to libtcnative-1.1.34 (bugfix release) (bsc#1004455) See https://tomcat.apache.org/native-1.1-doc/miscellaneous/c hangelog.html

- Unconditionally disable export Ciphers.

- Improve ephemeral key handling for DH and ECDH.
Parameter strength is by default derived from the certificate key strength.

- APIs SSL.generateRSATempKey() and SSL.loadDSATempKey() are no longer supported.

- Various bugfixes.

This update was imported from the SUSE:SLE-12:Update update project.

Solution

Update the affected libtcnative-1-0 packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1004455

https://tomcat.apache.org/native-1.1-doc/miscellaneous/changelog.html

Plugin Details

Severity: Medium

ID: 95530

File Name: openSUSE-2016-1375.nasl

Version: 3.3

Type: local

Agent: unix

Published: 12/5/2016

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:libtcnative-1-0, p-cpe:/a:novell:opensuse:libtcnative-1-0-debuginfo, p-cpe:/a:novell:opensuse:libtcnative-1-0-debugsource, p-cpe:/a:novell:opensuse:libtcnative-1-0-devel, cpe:/o:novell:opensuse:42.1, cpe:/o:novell:opensuse:42.2

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 12/1/2016