oval:org.mitre.oval:def:25849

Definition Id: oval:org.mitre.oval:def:25849
 
Oval ID: oval:org.mitre.oval:def:25849
Title: SUSE-SU-2013:0549-2 -- Security update for OpenSSL
Description: OpenSSL has been updated to fix several security issues: * CVE-2012-4929: Avoid the openssl CRIME attack by disabling SSL compression by default. Setting the environment variable "OPENSSL_NO_DEFAULT_ZLIB" to "no" enables compression again. * CVE-2013-0169: Timing attacks against TLS could be used by physically local attackers to gain access to transmitted plain text or private keymaterial. This issue is also known as the "Lucky-13" issue. * CVE-2013-0166: A OCSP invalid key denial of service issue was fixed.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:0549-2
CVE-2012-4929
CVE-2013-0169
CVE-2013-0166
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
Product(s): OpenSSL
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1368
 
Oval ID: oval:org.mitre.oval:def:1368
Title: SUSE Linux Enterprise Server 10 is installed
Description: SUSE Linux Enterprise Server 10 is installed.
Family: unix Class: inventory
Reference(s): cpe:/o:novell:suse_linux:10::server
Version: 6
Platform(s): SUSE Linux Enterprise Server 10
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:25849