openssl: security update to 1.0.1e
openssl was updated to 1.0.1e, fixing bugs and security issues:
o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
o Include the fips configuration module.
o Fix OCSP bad key DoS attack CVE-2013-0166 bnc#802746
o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
bnc#802184
o Fix for TLS AESNI record handling flaw CVE-2012-2686
Also the following buyg was fixed:
bnc#757773 - c_rehash to accept more filename extensions
-
Submitted by
Marcus Meissner (msmeissn)
Fixed bugs
bnc#803004
openSSL 1.0.1d breaks most, if not all, SSL connections
bnc#802746
VUL-0: CVE-2013-0166: openssl: OCSP invalid key DoS issue
bnc#757773
ldap-client yast module requires certificates with "*.pem" name schema
bnc#802184
VUL-0: CVE-2013-0169: Lucky Thirteen 13 Tracker Bug
