Environment
Novell Open Enterprise Server 2015 (OES 2015)
Novell Open Enterprise Server 11 (OES 11) Linux Support Pack 2
Novell Open Enterprise Server 11 (OES 11) Linux Support Pack 2
Situation
CVE-2016-0800 DROWN cross protocol attack on TLS using SSLv2
Resolution
The following updates are available to resolve this vulnerability:
OE11sp2
https://download.novell.com/Download?buildid=LrnXG8PC71s~
zypper lp --cve=CVE-2016-0800
Refreshing service 'nu_novell_com'.
Loading repository data...
Reading installed packages...
Issue | No. | Patch | Category | Status
------+---------------+------------------------+----------+-------
cve | CVE-2016-0800 | oes11sp2-openssl-10870 | security | needed
to install:
zypper patch --cve=CVE-2016-0800
zypper lp --cve=CVE-2016-0800
Refreshing service 'nu_novell_com'.
Loading repository data...
Reading installed packages...
Issue | No. | Patch | Category | Status
------+---------------+-----------------------+----------+-------
cve | CVE-2016-0800 | oes2015-openssl-10869 | security | needed
to install:
zypper patch --cve=CVE-2016-0800
Refreshing service 'nu_novell_com'.
Loading repository data...
Reading installed packages...
Issue | No. | Patch | Category | Status
------+---------------+-----------------------+----------+-------
cve | CVE-2016-0800 | oes2015-openssl-10869 | security | needed
to install:
zypper patch --cve=CVE-2016-0800
Cause
For more information on this vulnerability, see:
https://www.suse.com/support/kb/doc.php?id=7017297
https://www.suse.com/support/kb/doc.php?id=7017297