34 captures
09 Jul 2015 - 09 Dec 2025
Jun JUL Aug
09
2014 2015 2016
success
fail

About this capture

COLLECTED BY

Organization: Arizona State Library, Archives, and Public Records

Arizona State Library, Archives, and Public Records

Archive-It Partner Since: Apr, 2007
Organization Type: State Archives & Libraries
Organization URL:http://www.lib.az.us/

The Arizona State Library, Archives and Public Records ensures that the Arizona Legislature and Arizonans have access to the information they need today, and the history of Arizona for tomorrow, through partnerships with all types of cultural and public information institutions.

The agency provides access to unique historical and contemporary resources in the areas of law, government, genealogy and Arizoniana. The agency includes the official archives of the state, a state and federal publications depository library, the state law library, the Capitol Museum, and a genealogy and maps collection. The agency also offers special services for the visually and physically impaired, services to public libraries, and the public records management program.

Collection: Arizona State Government R-S Agencies, Boards, Councils and Commissions

Collection contains content from Arizona State Government agencies, boards, councils and commissions websites.
TIMESTAMPS

The Wayback Machine - http://web.archive.org/web/20150709092225/https://www.suse.com/security/cve/CVE-2015-4000.html
  




> support

CVE-2015-4000

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]


Upstream information


CVE-2015-4000 at MITRE

Description

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
NVD CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)

SUSE information

Note from the SUSE Security Team

This issue codenamed Logjam is a cryptographic weakness in various Diffie Hellmann Key exchange default settings, regarding their keylengths and also common usage. The website http://weakdh.org/ refers to papers and already some new implementation and adminstration guidelines. More information from SUSE will be also forthcoming.
SUSE Bugzilla entries: 931600, 931845, 932026, 932483, 934789, 935033, 935540, 935979, 936168, 937202
SUSE Security Advisories:
SUSE-SU-2015:1143-1, published Thu, 25 Jun 2015 18:05:48 +0200 (CEST)
SUSE-SU-2015:1150-1, published Fri, 26 Jun 2015 13:05:09 +0200 (CEST)
SUSE-SU-2015:1177-1, published Thu, 2 Jul 2015 21:05:19 +0200 (CEST)
SUSE-SU-2015:1181-1, published Fri, 3 Jul 2015 14:05:21 +0200 (CEST)
SUSE-SU-2015:1181-2, published Fri, 3 Jul 2015 20:06:29 +0200 (CEST)
SUSE-SU-2015:1182-1, published Fri, 3 Jul 2015 14:06:19 +0200 (CEST)
SUSE-SU-2015:1182-2, published Fri, 3 Jul 2015 20:07:31 +0200 (CEST)
SUSE-SU-2015:1183-1, published Fri, 3 Jul 2015 15:05:22 +0200 (CEST)
SUSE-SU-2015:1183-2, published Fri, 3 Jul 2015 20:08:44 +0200 (CEST)
SUSE-SU-2015:1184-1, published Fri, 3 Jul 2015 16:05:24 +0200 (CEST)
SUSE-SU-2015:1184-2, published Fri, 3 Jul 2015 20:05:20 +0200 (CEST)
SUSE-SU-2015:1185-1, published Fri, 3 Jul 2015 16:06:39 +0200 (CEST)
TID7016529, published Fri May 22 01:07:53 CEST 2015
openSUSE-SU-2015:1139-1, published Thu, 25 Jun 2015 11:05:10 +0200 (CEST)
openSUSE-SU-2015:1209-1, published Wed, 8 Jul 2015 18:08:38 +0200 (CEST)

List of released packages

Product(s) Fixed package version(s) References
1.7
  • libopenssl0_9_8 >= 0.9.8j-0.72.1
  • libopenssl0_9_8-32bit >= 0.9.8j-0.72.1
  • libopenssl0_9_8-hmac >= 0.9.8j-0.72.1
  • libopenssl0_9_8-hmac-32bit >= 0.9.8j-0.72.1
  • openssl >= 0.9.8j-0.72.1
  • openssl-doc >= 0.9.8j-0.72.1
 Patchnames:
sleman17sp2-libopenssl-devel
SUSE Linux Enterprise Desktop 12
  • compat-openssl098 >= 0.9.8j-78.1
  • libopenssl0_9_8 >= 0.9.8j-78.1
  • libopenssl0_9_8-32bit >= 0.9.8j-78.1
  • libopenssl1_0_0 >= 1.0.1i-25.1
  • libopenssl1_0_0-32bit >= 1.0.1i-25.1
  • openssl >= 1.0.1i-25.1
 Patchnames:
SUSE-SLE-DESKTOP-12-2015-282
SUSE-SLE-DESKTOP-12-2015-285
SUSE Linux Enterprise Module for Legacy Software 12
  • compat-openssl098 >= 0.9.8j-78.1
  • libopenssl0_9_8 >= 0.9.8j-78.1
  • libopenssl0_9_8-32bit >= 0.9.8j-78.1
 Patchnames:
SUSE-SLE-Module-Legacy-12-2015-285
SUSE Linux Enterprise Server 12
  • libopenssl1_0_0 >= 1.0.1i-25.1
  • libopenssl1_0_0-32bit >= 1.0.1i-25.1
  • libopenssl1_0_0-hmac >= 1.0.1i-25.1
  • libopenssl1_0_0-hmac-32bit >= 1.0.1i-25.1
  • openssl >= 1.0.1i-25.1
  • openssl-doc >= 1.0.1i-25.1
 Patchnames:
SUSE-SLE-SERVER-12-2015-282
SUSE Linux Enterprise Software Development Kit 12
  • libopenssl-devel >= 1.0.1i-25.1
  • openssl >= 1.0.1i-25.1
 Patchnames:
SUSE-SLE-SDK-12-2015-282
SUSE Linux Enterprise Server 10 SP4 LTSS for x86
  • compat-openssl097g >= 0.9.7g-13.31.1
 Builds
ZYPP Patch Nr: 9131
SUSE Linux Enterprise Server 10 SP4 LTSS for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP4 LTSS for IBM zSeries 64bit
  • compat-openssl097g >= 0.9.7g-13.31.1
  • compat-openssl097g-32bit >= 0.9.7g-13.31.1
 Builds
ZYPP Patch Nr: 9131
SLE CLIENT TOOLS 10 for x86
  • openssl >= 0.9.8a-18.92.1
 Builds
ZYPP Patch Nr: 9128
SLE CLIENT TOOLS 10 for s390x
SLE CLIENT TOOLS 10 for x86_64
  • openssl >= 0.9.8a-18.92.1
  • openssl-32bit >= 0.9.8a-18.92.1
 Builds
ZYPP Patch Nr: 9128
SUSE Linux Enterprise Security Module 11 SP3
  • libopenssl1-devel >= 1.0.1g-0.30.1
  • libopenssl1_0_0 >= 1.0.1g-0.30.1
  • openssl1 >= 1.0.1g-0.30.1
  • openssl1-doc >= 1.0.1g-0.30.1
 Builds
SAT Patch Nr: 10778
SUSE Linux Enterprise Security Module 11 SP3
  • libopenssl1-devel >= 1.0.1g-0.30.1
  • libopenssl1_0_0 >= 1.0.1g-0.30.1
  • libopenssl1_0_0-x86 >= 1.0.1g-0.30.1
  • openssl1 >= 1.0.1g-0.30.1
  • openssl1-doc >= 1.0.1g-0.30.1
 Builds
SAT Patch Nr: 10778
SUSE Linux Enterprise Security Module 11 SP3
  • libopenssl1-devel >= 1.0.1g-0.30.1
  • libopenssl1_0_0 >= 1.0.1g-0.30.1
  • libopenssl1_0_0-32bit >= 1.0.1g-0.30.1
  • openssl1 >= 1.0.1g-0.30.1
  • openssl1-doc >= 1.0.1g-0.30.1
 Builds
SAT Patch Nr: 10778
SUSE Manager 1.7 for SLE 11 SP2
  • libopenssl0_9_8 >= 0.9.8j-0.72.1
  • libopenssl0_9_8-32bit >= 0.9.8j-0.72.1
  • libopenssl0_9_8-hmac >= 0.9.8j-0.72.1
  • libopenssl0_9_8-hmac-32bit >= 0.9.8j-0.72.1
  • openssl >= 0.9.8j-0.72.1
  • openssl-doc >= 0.9.8j-0.72.1
 Builds
SAT Patch Nr: 10780
SUSE Studio Onsite 1.3
  • libopenssl-devel >= 0.9.8j-0.72.1
 Builds
SAT Patch Nr: 10780
SUSE Linux Enterprise Software Development Kit 11 SP3
  • libmysql55client_r18-x86 >= 5.5.43-0.9.1
  • libmysqlclient_r15-x86 >= 5.0.96-0.8.8.1
 Builds
SAT Patch Nr: 10826
SUSE Linux Enterprise Software Development Kit 11 SP3
  • libmysql55client_r18-32bit >= 5.5.43-0.9.1
  • libmysqlclient_r15-32bit >= 5.0.96-0.8.8.1
 Builds
SAT Patch Nr: 10826
SUSE Linux Enterprise Desktop 11 SP3
  • libmysql55client18 >= 5.5.43-0.9.1
  • libmysql55client_r18 >= 5.5.43-0.9.1
  • libmysqlclient15 >= 5.0.96-0.8.8.1
  • libmysqlclient_r15 >= 5.0.96-0.8.8.1
  • mysql >= 5.5.43-0.9.1
  • mysql-client >= 5.5.43-0.9.1
 Builds
SAT Patch Nr: 10826
SUSE Linux Enterprise Desktop 11 SP3
  • libmysql55client18 >= 5.5.43-0.9.1
  • libmysql55client18-32bit >= 5.5.43-0.9.1
  • libmysql55client_r18 >= 5.5.43-0.9.1
  • libmysql55client_r18-32bit >= 5.5.43-0.9.1
  • libmysqlclient15 >= 5.0.96-0.8.8.1
  • libmysqlclient15-32bit >= 5.0.96-0.8.8.1
  • libmysqlclient_r15 >= 5.0.96-0.8.8.1
  • libmysqlclient_r15-32bit >= 5.0.96-0.8.8.1
  • mysql >= 5.5.43-0.9.1
  • mysql-client >= 5.5.43-0.9.1
 Builds
SAT Patch Nr: 10826
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • libmysql55client18 >= 5.5.43-0.9.1
  • libmysql55client18-32bit >= 5.5.43-0.9.1
  • libmysql55client_r18 >= 5.5.43-0.9.1
  • libmysqlclient15 >= 5.0.96-0.8.8.1
  • libmysqlclient15-32bit >= 5.0.96-0.8.8.1
  • libmysqlclient_r15 >= 5.0.96-0.8.8.1
  • mysql >= 5.5.43-0.9.1
  • mysql-client >= 5.5.43-0.9.1
  • mysql-tools >= 5.5.43-0.9.1
 Builds
SAT Patch Nr: 10826
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • libmysql55client18 >= 5.5.43-0.9.1
  • libmysql55client_r18 >= 5.5.43-0.9.1
  • libmysqlclient15 >= 5.0.96-0.8.8.1
  • libmysqlclient_r15 >= 5.0.96-0.8.8.1
  • mysql >= 5.5.43-0.9.1
  • mysql-client >= 5.5.43-0.9.1
  • mysql-tools >= 5.5.43-0.9.1
 Builds
SAT Patch Nr: 10826
SUSE Linux Enterprise Server 11 SP3
  • libmysql55client18 >= 5.5.43-0.9.1
  • libmysql55client18-x86 >= 5.5.43-0.9.1
  • libmysql55client_r18 >= 5.5.43-0.9.1
  • libmysqlclient15 >= 5.0.96-0.8.8.1
  • libmysqlclient15-x86 >= 5.0.96-0.8.8.1
  • libmysqlclient_r15 >= 5.0.96-0.8.8.1
  • mysql >= 5.5.43-0.9.1
  • mysql-client >= 5.5.43-0.9.1
  • mysql-tools >= 5.5.43-0.9.1
 Builds
SAT Patch Nr: 10826
SUSE Linux Enterprise Server 11 SP2 LTSS
  • libopenssl-devel >= 0.9.8j-0.72.1
  • libopenssl0_9_8 >= 0.9.8j-0.72.1
  • libopenssl0_9_8-hmac >= 0.9.8j-0.72.1
  • openssl >= 0.9.8j-0.72.1
  • openssl-doc >= 0.9.8j-0.72.1
 Builds
SAT Patch Nr: 10795
SUSE Linux Enterprise Server 11 SP2 LTSS
  • libopenssl-devel >= 0.9.8j-0.72.1
  • libopenssl0_9_8 >= 0.9.8j-0.72.1
  • libopenssl0_9_8-32bit >= 0.9.8j-0.72.1
  • libopenssl0_9_8-hmac >= 0.9.8j-0.72.1
  • libopenssl0_9_8-hmac-32bit >= 0.9.8j-0.72.1
  • openssl >= 0.9.8j-0.72.1
  • openssl-doc >= 0.9.8j-0.72.1
 Builds
SAT Patch Nr: 10795
SUSE Linux Enterprise for SAP Applications 11 SP1
  • compat-openssl097g >= 0.9.7g-146.22.31.1
  • compat-openssl097g-32bit >= 0.9.7g-146.22.31.1
 Builds
SAT Patch Nr: 10793
SLES for SAP Applications
SUSE Linux Enterprise Desktop 11 SP3
  • compat-openssl097g >= 0.9.7g-146.22.31.1
  • compat-openssl097g-32bit >= 0.9.7g-146.22.31.1
 Builds
SAT Patch Nr: 10790
SUSE Linux Enterprise Desktop 11 SP3
  • compat-openssl097g >= 0.9.7g-146.22.31.1
 Builds
SAT Patch Nr: 10790
SUSE Linux Enterprise Server 10 SP4 LTSS for x86
  • openssl >= 0.9.8a-18.92.1
  • openssl-devel >= 0.9.8a-18.92.1
  • openssl-doc >= 0.9.8a-18.92.1
 Builds
ZYPP Patch Nr: 9130
SUSE Linux Enterprise Server 10 SP4 LTSS for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP4 LTSS for IBM zSeries 64bit
  • openssl >= 0.9.8a-18.92.1
  • openssl-32bit >= 0.9.8a-18.92.1
  • openssl-devel >= 0.9.8a-18.92.1
  • openssl-devel-32bit >= 0.9.8a-18.92.1
  • openssl-doc >= 0.9.8a-18.92.1
 Builds
ZYPP Patch Nr: 9130
SUSE Linux Enterprise Server 11 SP1 LTSS
  • libopenssl-devel >= 0.9.8j-0.72.1
  • libopenssl0_9_8 >= 0.9.8j-0.72.1
  • libopenssl0_9_8-hmac >= 0.9.8j-0.72.1
  • openssl >= 0.9.8j-0.72.1
  • openssl-doc >= 0.9.8j-0.72.1
 Builds
SAT Patch Nr: 10794
SUSE Linux Enterprise Server 11 SP1 LTSS
  • libopenssl-devel >= 0.9.8j-0.72.1
  • libopenssl0_9_8 >= 0.9.8j-0.72.1
  • libopenssl0_9_8-32bit >= 0.9.8j-0.72.1
  • libopenssl0_9_8-hmac >= 0.9.8j-0.72.1
  • libopenssl0_9_8-hmac-32bit >= 0.9.8j-0.72.1
  • openssl >= 0.9.8j-0.72.1
  • openssl-doc >= 0.9.8j-0.72.1
 Builds
SAT Patch Nr: 10794
SUSE Linux Enterprise for SAP Applications 11 SP2
  • compat-openssl097g >= 0.9.7g-146.22.31.1
  • compat-openssl097g-32bit >= 0.9.7g-146.22.31.1
 Builds
SAT Patch Nr: 10802
SUSE Linux Enterprise Software Development Kit 11 SP3
  • libopenssl-devel >= 0.9.8j-0.72.1
 Builds
SAT Patch Nr: 10781
SUSE Linux Enterprise Desktop 11 SP3
  • libopenssl0_9_8 >= 0.9.8j-0.72.1
  • openssl >= 0.9.8j-0.72.1
 Builds
SAT Patch Nr: 10781
SUSE Linux Enterprise Desktop 11 SP3
  • libopenssl0_9_8 >= 0.9.8j-0.72.1
  • libopenssl0_9_8-32bit >= 0.9.8j-0.72.1
  • openssl >= 0.9.8j-0.72.1
 Builds
SAT Patch Nr: 10781
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • libopenssl0_9_8 >= 0.9.8j-0.72.1
  • libopenssl0_9_8-32bit >= 0.9.8j-0.72.1
  • libopenssl0_9_8-hmac >= 0.9.8j-0.72.1
  • libopenssl0_9_8-hmac-32bit >= 0.9.8j-0.72.1
  • openssl >= 0.9.8j-0.72.1
  • openssl-doc >= 0.9.8j-0.72.1
 Builds
SAT Patch Nr: 10781
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • libopenssl0_9_8 >= 0.9.8j-0.72.1
  • libopenssl0_9_8-hmac >= 0.9.8j-0.72.1
  • openssl >= 0.9.8j-0.72.1
  • openssl-doc >= 0.9.8j-0.72.1
 Builds
SAT Patch Nr: 10781
SUSE Linux Enterprise Server 11 SP3
  • libopenssl0_9_8 >= 0.9.8j-0.72.1
  • libopenssl0_9_8-hmac >= 0.9.8j-0.72.1
  • libopenssl0_9_8-x86 >= 0.9.8j-0.72.1
  • openssl >= 0.9.8j-0.72.1
  • openssl-doc >= 0.9.8j-0.72.1
 Builds
SAT Patch Nr: 10781
openSUSE 13.1
  • libmysql56client18 >= 5.6.25-7.4.1
  • libmysql56client18-32bit >= 5.6.25-7.4.1
  • libmysql56client18-debuginfo >= 5.6.25-7.4.1
  • libmysql56client18-debuginfo-32bit >= 5.6.25-7.4.1
  • libmysql56client_r18 >= 5.6.25-7.4.1
  • libmysql56client_r18-32bit >= 5.6.25-7.4.1
  • libopenssl-devel >= 1.0.1k-11.72.1
  • libopenssl-devel-32bit >= 1.0.1k-11.72.1
  • libopenssl1_0_0 >= 1.0.1k-11.72.1
  • libopenssl1_0_0-32bit >= 1.0.1k-11.72.1
  • libopenssl1_0_0-debuginfo >= 1.0.1k-11.72.1
  • libopenssl1_0_0-debuginfo-32bit >= 1.0.1k-11.72.1
  • mysql-community-server >= 5.6.25-7.4.1
  • mysql-community-server-bench >= 5.6.25-7.4.1
  • mysql-community-server-bench-debuginfo >= 5.6.25-7.4.1
  • mysql-community-server-client >= 5.6.25-7.4.1
  • mysql-community-server-client-debuginfo >= 5.6.25-7.4.1
  • mysql-community-server-debuginfo >= 5.6.25-7.4.1
  • mysql-community-server-debugsource >= 5.6.25-7.4.1
  • mysql-community-server-errormessages >= 5.6.25-7.4.1
  • mysql-community-server-test >= 5.6.25-7.4.1
  • mysql-community-server-test-debuginfo >= 5.6.25-7.4.1
  • mysql-community-server-tools >= 5.6.25-7.4.1
  • mysql-community-server-tools-debuginfo >= 5.6.25-7.4.1
  • openssl >= 1.0.1k-11.72.1
  • openssl-debuginfo >= 1.0.1k-11.72.1
  • openssl-debugsource >= 1.0.1k-11.72.1
  • openssl-doc >= 1.0.1k-11.72.1
 Patchnames:
openSUSE-2015-447
openSUSE-2015-474
openSUSE 13.2
  • libmysql56client18 >= 5.6.25-2.3.1
  • libmysql56client18-32bit >= 5.6.25-2.3.1
  • libmysql56client18-debuginfo >= 5.6.25-2.3.1
  • libmysql56client18-debuginfo-32bit >= 5.6.25-2.3.1
  • libmysql56client_r18 >= 5.6.25-2.3.1
  • libmysql56client_r18-32bit >= 5.6.25-2.3.1
  • libopenssl-devel >= 1.0.1k-2.24.1
  • libopenssl-devel-32bit >= 1.0.1k-2.24.1
  • libopenssl1_0_0 >= 1.0.1k-2.24.1
  • libopenssl1_0_0-32bit >= 1.0.1k-2.24.1
  • libopenssl1_0_0-debuginfo >= 1.0.1k-2.24.1
  • libopenssl1_0_0-debuginfo-32bit >= 1.0.1k-2.24.1
  • libopenssl1_0_0-hmac >= 1.0.1k-2.24.1
  • libopenssl1_0_0-hmac-32bit >= 1.0.1k-2.24.1
  • mysql-community-server >= 5.6.25-2.3.1
  • mysql-community-server-bench >= 5.6.25-2.3.1
  • mysql-community-server-bench-debuginfo >= 5.6.25-2.3.1
  • mysql-community-server-client >= 5.6.25-2.3.1
  • mysql-community-server-client-debuginfo >= 5.6.25-2.3.1
  • mysql-community-server-debuginfo >= 5.6.25-2.3.1
  • mysql-community-server-debugsource >= 5.6.25-2.3.1
  • mysql-community-server-errormessages >= 5.6.25-2.3.1
  • mysql-community-server-test >= 5.6.25-2.3.1
  • mysql-community-server-test-debuginfo >= 5.6.25-2.3.1
  • mysql-community-server-tools >= 5.6.25-2.3.1
  • mysql-community-server-tools-debuginfo >= 5.6.25-2.3.1
  • openssl >= 1.0.1k-2.24.1
  • openssl-debuginfo >= 1.0.1k-2.24.1
  • openssl-debugsource >= 1.0.1k-2.24.1
  • openssl-doc >= 1.0.1k-2.24.1
 Patchnames:
openSUSE-2015-447
openSUSE-2015-474

List of products where fixes are in QA

SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 11 SP1 LTSS
SUSE Linux Enterprise Server 11 SP2 LTSS
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
SUSE Linux Enterprise Software Development Kit 11 SP3