SynopsisThe remote SuSE 10 host is missing a security-related patch.
DescriptionThis update of openssl fixes the following denial of service vulnerabilities :
- Denial of Service via CBC mode handling. (CVE-2012-2333)
- A deadlock condition introduced by the previous memory leak fix due to entering a lock twice. This would only happen in multithreaded programs.
In addition, openssl's cms subcommand (Crypthographic Message Syntax) has been enabled.
SolutionApply ZYPP patch number 8143.