openSUSE Security Update: cipher upgrade and SNI support for apache2-mod_nss, bug
Announcement ID: openSUSE-SU-2014:0979-1
References: #859439 #863518 #878681
An update that contains security fixes can now be installed.
apache2-mod_nss is alternative yet not exclusive to mod_nss. This update
introduces Server Name Indication support to mod_nss, which was not
available previously. In addition to SNI, GCM ciphers have been added to
the cipher list of mod_nss. A bug was corrected that prevented the entry
of the certificate store passphrase if such a passphrase was set. Please
note that the configuration presets were slightly changed so that the new
ciphers are preferred (NSSCipherSuite directive), and the VirtualHost
directive is now contained in /etc/apache2/vhosts.d/vhost-nss.templace
(not used by apache because not named *.conf).
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.1:
zypper in -t patch openSUSE-2014-488
To bring your system up-to-date, use "zypper patch".
- openSUSE 13.1 (i586 x86_64):