Log Message:
Apply openSUSE-SU-2014:0764-1
openSUSE Security Update: openssl: update to version 1.0.1h

Description:

   The openssl library was updated to version 1.0.1h fixing various security
   issues and bugs:

   Security issues fixed:
   - CVE-2014-0224: Fix for SSL/TLS MITM flaw. An attacker using a carefully
     crafted handshake can force the use of weak keying material in OpenSSL
     SSL/TLS clients and servers.
   - CVE-2014-0221: Fix DTLS recursion flaw. By sending an invalid DTLS
     handshake to an OpenSSL DTLS client the code can be made to recurse
     eventually crashing in a DoS attack.
   - CVE-2014-0195: Fix DTLS invalid fragment vulnerability. A buffer
     overrun attack can be triggered by sending invalid DTLS fragments to an
      OpenSSL DTLS client or server. This is potentially exploitable to run
      arbitrary code on a vulnerable client or server.
   - CVE-2014-3470: Fix bug in TLS code where clients enable anonymous ECDH
     ciphersuites are subject to a denial of service attack.

Bump PKGREVISION.