[opensuse] Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping
has this been fixed in suse ? http://arstechnica.com/security/2014/03/critical-crypto-bug-leaves-linux-hun... -- Hans Krueger hanskrueger007@roadrunner.com registered Linux user 289023 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Mon, Apr 07, 2014 at 08:39:58AM -0400, Hans Krueger wrote:
has this been fixed in suse ?
http://arstechnica.com/security/2014/03/critical-crypto-bug-leaves-linux-hun...
Yes, 1 month ago. openSUSE issues: http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00007.html SLES updates are also listed there. Ciao, Marcus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 04/07/2014 09:06 AM, Marcus Meissner wrote:
On Mon, Apr 07, 2014 at 08:39:58AM -0400, Hans Krueger wrote:
has this been fixed in suse ?
http://arstechnica.com/security/2014/03/critical-crypto-bug-leaves-linux-hun...
Yes, 1 month ago.
openSUSE issues: http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00007.html
SLES updates are also listed there.
And just for completeness: Using: rpm -q --changelog gnutls | less will show you the changelog, for the current gnutls package it shows: * Mon Mar 03 2014 shchang@suse.com - Fixed bug [ bnc#865804] gnutls: CVE-2014-0092, insufficient X.509 certificate verification Add patch file: CVE-2014-0092.patch Enable elliptic curve and so ECDH support again to meet modern cryptographic requirements, removed gnutls-3.2.4-noecc.patch. and zypper info gnutls provides some information about the package and provides a best guess estimate from which repository the intalled package originated. Later, Robert -- Robert Schweikert MAY THE SOURCE BE WITH YOU SUSE-IBM Software Integration Center LINUX Tech Lead Public Cloud Architect rjschwei@suse.com rschweik@ca.ibm.com 781-464-8147 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 04/07/2014 09:06 AM, Marcus Meissner wrote:
On Mon, Apr 07, 2014 at 08:39:58AM -0400, Hans Krueger wrote:
has this been fixed in suse ?
http://arstechnica.com/security/2014/03/critical-crypto-bug-leaves-linux-hun... Yes, 1 month ago.
openSUSE issues: http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00007.html
SLES updates are also listed there.
Ciao, Marcus
great thanks -- Hans Krueger hanskrueger007@roadrunner.com registered Linux user 289023 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (3)
-
Hans Krueger
-
Marcus Meissner
-
Robert Schweikert