SuSE 11.1 Security Update : OpenSSL (SAT Patch Number 6054)
Medium Nessus Plugin ID 58678
The remote SuSE 11 host is missing one or more security updates.
The following security issues have been fixed : - Specially crafted MIME headers could cause openssl's ans1 parser to dereference a NULL pointer leading to a Denial of Service (CVE-2006-7250) or fail verfication. (CVE-2012-1165) - The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL was vulnerable to a Million Message Attack (MMA) adaptive chosen ciphertext attack. (CVE-2012-0884) Additionally, the following issues have been fixed : - Free headers after use in error message. (bnc#749213) - Symmetric crypto errors in PKCS7_decrypt. (bnc#749210) - Memory leak when creating public keys. (bnc#749735)