SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 7174)
Medium Nessus Plugin ID 50610
SynopsisThe remote SuSE 10 host is missing a security-related patch.
DescriptionSpecially crafted responses from SSL servers could cause a double-free bug in openssl's client implementation. Malicious servers could exploit that to crash programs use openssl for the SSL connection (CVE-2010-2939). This has been fixed.
SolutionApply ZYPP patch number 7174.