SuSE Local Security Checks : openSUSE: Security Advisory for Security (openSUSE-SU-2015:2243-1)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.851141
Category:	SuSE Local Security Checks
Title:	openSUSE: Security Advisory for Security (openSUSE-SU-2015:2243-1)
Summary:	The remote host is missing an update for the 'Security'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'Security' package(s) announced via the referenced advisory. Vulnerability Insight: MySQL was updated to 5.6.27 to fix security issues and bugs. The following vulnerabilities were fixed as part of the upstream release [boo#951391]: CVE-2015-1793, CVE-2015-0286, CVE-2015-0288, CVE-2015-1789, CVE-2015-4730, CVE-2015-4766, CVE-2015-4792, CVE-2015-4800, CVE-2015-4802, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4833, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4862, CVE-2015-4864, CVE-2015-4866, CVE-2015-4870, CVE-2015-4879, CVE-2015-4890, CVE-2015-4895, CVE-2015-4904, CVE-2015-4905, CVE-2015-4910, CVE-2015-4913 Details on these and other changes can be found at the linked vendor news. The following security relevant changes are included additionally: * CVE-2015-3152: MySQL lacked SSL enforcement. Using - -ssl-verify-server-cert and --ssl[-*] implies that the ssl connection is required. The mysql client will now print an error if ssl is required, but the server can not handle a ssl connection [boo#924663], [boo#928962] Affected Software/OS: Security on openSUSE 13.2, openSUSE 13.1 Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-0286 http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html BugTraq ID: 73225 http://www.securityfocus.com/bid/73225 Debian Security Information: DSA-3197 (Google Search) http://www.debian.org/security/2015/dsa-3197 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152844.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152733.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152734.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157177.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156823.html FreeBSD Security Advisory: FreeBSD-SA-15:12 https://www.freebsd.org/security/advisories/FreeBSD-SA-15%3A06.openssl.asc HPdes Security Advisory: HPSBGN03306 http://marc.info/?l=bugtraq&m=142841429220765&w=2 HPdes Security Advisory: HPSBMU03380 http://marc.info/?l=bugtraq&m=143748090628601&w=2 HPdes Security Advisory: HPSBMU03397 http://marc.info/?l=bugtraq&m=144050297101809&w=2 HPdes Security Advisory: HPSBMU03409 http://marc.info/?l=bugtraq&m=144050155601375&w=2 HPdes Security Advisory: HPSBMU03413 http://marc.info/?l=bugtraq&m=144050254401665&w=2 HPdes Security Advisory: HPSBUX03334 http://marc.info/?l=bugtraq&m=143213830203296&w=2 HPdes Security Advisory: SSRT102000 http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 http://www.mandriva.com/security/advisories?name=MDVSA-2015:063 RedHat Security Advisories: RHSA-2015:0715 http://rhn.redhat.com/errata/RHSA-2015-0715.html RedHat Security Advisories: RHSA-2015:0716 http://rhn.redhat.com/errata/RHSA-2015-0716.html RedHat Security Advisories: RHSA-2015:0752 http://rhn.redhat.com/errata/RHSA-2015-0752.html RedHat Security Advisories: RHSA-2016:2957 http://rhn.redhat.com/errata/RHSA-2016-2957.html http://www.securitytracker.com/id/1031929 http://www.securitytracker.com/id/1032917 SuSE Security Announcement: SUSE-SU-2015:0541 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00022.html SuSE Security Announcement: SUSE-SU-2015:0578 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html SuSE Security Announcement: openSUSE-SU-2015:0554 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-03/msg00062.html SuSE Security Announcement: openSUSE-SU-2015:1277 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html SuSE Security Announcement: openSUSE-SU-2016:0640 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html http://www.ubuntu.com/usn/USN-2537-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-0288 BugTraq ID: 73237 http://www.securityfocus.com/bid/73237 https://security.gentoo.org/glsa/201503-11 RedHat Security Advisories: RHSA-2015:0800 http://rhn.redhat.com/errata/RHSA-2015-0800.html Common Vulnerability Exposure (CVE) ID: CVE-2015-1789 1032564 http://www.securitytracker.com/id/1032564 20150612 Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl 75156 http://www.securityfocus.com/bid/75156 91787 http://www.securityfocus.com/bid/91787 APPLE-SA-2015-08-13-2 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html DSA-3287 http://www.debian.org/security/2015/dsa-3287 FEDORA-2015-10047 http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html FEDORA-2015-10108 http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html GLSA-201506-02 https://security.gentoo.org/glsa/201506-02 HPSBGN03371 http://marc.info/?l=bugtraq&m=143654156615516&w=2 HPSBMU03409 HPSBUX03388 http://marc.info/?l=bugtraq&m=143880121627664&w=2 NetBSD-SA2015-008 http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc RHSA-2015:1115 http://rhn.redhat.com/errata/RHSA-2015-1115.html RHSA-2015:1197 http://rhn.redhat.com/errata/RHSA-2015-1197.html SSRT102180 SUSE-SU-2015:1143 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html SUSE-SU-2015:1150 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html SUSE-SU-2015:1181 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html SUSE-SU-2015:1182 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html SUSE-SU-2015:1183 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html SUSE-SU-2015:1184 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html SUSE-SU-2015:1185 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html USN-2639-1 http://www.ubuntu.com/usn/USN-2639-1 http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733 http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015 http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015 http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html https://bto.bluecoat.com/security-advisory/sa98 https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf https://github.com/openssl/openssl/commit/f48b83b4fb7d6689584cf25f61ca63a4891f5b11 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965 https://kc.mcafee.com/corporate/index?page=content&id=SB10122 https://openssl.org/news/secadv/20150611.txt https://support.apple.com/kb/HT205031 https://support.citrix.com/article/CTX216642 https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11 https://www.openssl.org/news/secadv_20150611.txt openSUSE-SU-2015:1139 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html openSUSE-SU-2015:1277 openSUSE-SU-2016:0640 Common Vulnerability Exposure (CVE) ID: CVE-2015-1793 BugTraq ID: 75652 http://www.securityfocus.com/bid/75652 BugTraq ID: 91787 Cisco Security Advisory: 20150710 OpenSSL Alternative Chains Certificate Forgery Vulnerability (July 2015) Affecting Cisco Products http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150710-openssl https://www.exploit-db.com/exploits/38640/ http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161747.html http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161782.html https://www.freebsd.org/security/advisories/FreeBSD-SA-15:12.openssl.asc https://security.gentoo.org/glsa/201507-15 HPdes Security Advisory: HPSBGN03424 http://marc.info/?l=bugtraq&m=144370846326989&w=2 HPdes Security Advisory: HPSBUX03388 HPdes Security Advisory: SSRT102180 NETBSD Security Advisory: NetBSD-SA2015-008 http://www.securitytracker.com/id/1032817 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.561427 Common Vulnerability Exposure (CVE) ID: CVE-2015-3152 BugTraq ID: 74398 http://www.securityfocus.com/bid/74398 Bugtraq: 20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade (Google Search) http://www.securityfocus.com/archive/1/535397/100/1100/threaded Debian Security Information: DSA-3311 (Google Search) http://www.debian.org/security/2015/dsa-3311 http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html http://www.ocert.org/advisories/ocert-2015-003.html https://www.duosecurity.com/blog/backronym-mysql-vulnerability RedHat Security Advisories: RHSA-2015:1646 http://rhn.redhat.com/errata/RHSA-2015-1646.html RedHat Security Advisories: RHSA-2015:1647 http://rhn.redhat.com/errata/RHSA-2015-1647.html RedHat Security Advisories: RHSA-2015:1665 http://rhn.redhat.com/errata/RHSA-2015-1665.html http://www.securitytracker.com/id/1032216 Common Vulnerability Exposure (CVE) ID: CVE-2015-4730 BugTraq ID: 77199 http://www.securityfocus.com/bid/77199 http://www.securitytracker.com/id/1033894 http://www.ubuntu.com/usn/USN-2781-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-4766 BugTraq ID: 77232 http://www.securityfocus.com/bid/77232 Common Vulnerability Exposure (CVE) ID: CVE-2015-4792 BugTraq ID: 77171 http://www.securityfocus.com/bid/77171 Debian Security Information: DSA-3377 (Google Search) http://www.debian.org/security/2015/dsa-3377 Debian Security Information: DSA-3385 (Google Search) http://www.debian.org/security/2015/dsa-3385 http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html RedHat Security Advisories: RHSA-2016:0534 http://rhn.redhat.com/errata/RHSA-2016-0534.html RedHat Security Advisories: RHSA-2016:0705 http://rhn.redhat.com/errata/RHSA-2016-0705.html RedHat Security Advisories: RHSA-2016:1132 https://access.redhat.com/errata/RHSA-2016:1132 RedHat Security Advisories: RHSA-2016:1480 http://rhn.redhat.com/errata/RHSA-2016-1480.html RedHat Security Advisories: RHSA-2016:1481 http://rhn.redhat.com/errata/RHSA-2016-1481.html SuSE Security Announcement: SUSE-SU-2016:0296 (Google Search) https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html SuSE Security Announcement: openSUSE-SU-2015:2244 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html SuSE Security Announcement: openSUSE-SU-2015:2246 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html SuSE Security Announcement: openSUSE-SU-2016:0368 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html Common Vulnerability Exposure (CVE) ID: CVE-2015-4800 BugTraq ID: 77216 http://www.securityfocus.com/bid/77216 Common Vulnerability Exposure (CVE) ID: CVE-2015-4802 BugTraq ID: 77165 http://www.securityfocus.com/bid/77165 Common Vulnerability Exposure (CVE) ID: CVE-2015-4815 BugTraq ID: 77222 http://www.securityfocus.com/bid/77222 Common Vulnerability Exposure (CVE) ID: CVE-2015-4816 BugTraq ID: 77134 http://www.securityfocus.com/bid/77134 RedHat Security Advisories: RHSA-2015:1628 http://rhn.redhat.com/errata/RHSA-2015-1628.html Common Vulnerability Exposure (CVE) ID: CVE-2015-4819 BugTraq ID: 77196 http://www.securityfocus.com/bid/77196 Common Vulnerability Exposure (CVE) ID: CVE-2015-4826 BugTraq ID: 77237 http://www.securityfocus.com/bid/77237 Common Vulnerability Exposure (CVE) ID: CVE-2015-4830 BugTraq ID: 77228 http://www.securityfocus.com/bid/77228 Common Vulnerability Exposure (CVE) ID: CVE-2015-4833 BugTraq ID: 77170 http://www.securityfocus.com/bid/77170 Common Vulnerability Exposure (CVE) ID: CVE-2015-4836 BugTraq ID: 77190 http://www.securityfocus.com/bid/77190 Common Vulnerability Exposure (CVE) ID: CVE-2015-4858 BugTraq ID: 77145 http://www.securityfocus.com/bid/77145 Common Vulnerability Exposure (CVE) ID: CVE-2015-4861 BugTraq ID: 77137 http://www.securityfocus.com/bid/77137 Common Vulnerability Exposure (CVE) ID: CVE-2015-4862 BugTraq ID: 77147 http://www.securityfocus.com/bid/77147 Common Vulnerability Exposure (CVE) ID: CVE-2015-4864 BugTraq ID: 77187 http://www.securityfocus.com/bid/77187 Common Vulnerability Exposure (CVE) ID: CVE-2015-4866 BugTraq ID: 77132 http://www.securityfocus.com/bid/77132 Common Vulnerability Exposure (CVE) ID: CVE-2015-4870 BugTraq ID: 77208 http://www.securityfocus.com/bid/77208 https://www.exploit-db.com/exploits/39867/ http://packetstormsecurity.com/files/137232/MySQL-Procedure-Analyse-Denial-Of-Service.html Common Vulnerability Exposure (CVE) ID: CVE-2015-4879 BugTraq ID: 77140 http://www.securityfocus.com/bid/77140 Common Vulnerability Exposure (CVE) ID: CVE-2015-4890 BugTraq ID: 77231 http://www.securityfocus.com/bid/77231 Common Vulnerability Exposure (CVE) ID: CVE-2015-4895 BugTraq ID: 77136 http://www.securityfocus.com/bid/77136 Common Vulnerability Exposure (CVE) ID: CVE-2015-4904 BugTraq ID: 77219 http://www.securityfocus.com/bid/77219 Common Vulnerability Exposure (CVE) ID: CVE-2015-4905 BugTraq ID: 77143 http://www.securityfocus.com/bid/77143 Common Vulnerability Exposure (CVE) ID: CVE-2015-4910 BugTraq ID: 77234 http://www.securityfocus.com/bid/77234 Common Vulnerability Exposure (CVE) ID: CVE-2015-4913 BugTraq ID: 77153 http://www.securityfocus.com/bid/77153
Copyright	Copyright (C) 2015 Greenbone Networks GmbH