fossil-1.35-1.3 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10479-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z fossil-1.35-1.3 on GA media These are all security issues fixed in the fossil-1.35-1.3 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10479 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2014-3566/ SUSE CVE CVE-2014-3566 page openSUSE Tumbleweed fossil-1.35-1.3 fossil-1.35-1.3 as a component of openSUSE Tumbleweed The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. CVE-2014-3566 openSUSE Tumbleweed:fossil-1.35-1.3 critical 5.8 AV:N/AC:M/Au:N/C:N/I:P/A:P 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3566.html CVE-2014-3566 https://bugzilla.suse.com/1011293 SUSE Bug 1011293 https://bugzilla.suse.com/1031023 SUSE Bug 1031023 https://bugzilla.suse.com/901223 SUSE Bug 901223 https://bugzilla.suse.com/901254 SUSE Bug 901254 https://bugzilla.suse.com/901277 SUSE Bug 901277 https://bugzilla.suse.com/901748 SUSE Bug 901748 https://bugzilla.suse.com/901757 SUSE Bug 901757 https://bugzilla.suse.com/901759 SUSE Bug 901759 https://bugzilla.suse.com/901889 SUSE Bug 901889 https://bugzilla.suse.com/901968 SUSE Bug 901968 https://bugzilla.suse.com/902229 SUSE Bug 902229 https://bugzilla.suse.com/902233 SUSE Bug 902233 https://bugzilla.suse.com/902476 SUSE Bug 902476 https://bugzilla.suse.com/903405 SUSE Bug 903405 https://bugzilla.suse.com/903684 SUSE Bug 903684 https://bugzilla.suse.com/904889 SUSE Bug 904889 https://bugzilla.suse.com/905106 SUSE Bug 905106 https://bugzilla.suse.com/914041 SUSE Bug 914041 https://bugzilla.suse.com/994144 SUSE Bug 994144