Back to bug 1025598
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Hubert Kario | 2013-11-01 11:48:50 UTC | QA Contact | qe-baseos-security | hkario |
| Tomas Mraz | 2013-11-04 15:31:09 UTC | Status | NEW | MODIFIED |
| Fixed In Version | openssl-1.0.1e-16.el6 | |||
| errata-xmlrpc | 2013-11-04 15:58:23 UTC | Status | MODIFIED | ON_QA |
| Tomas Mraz | 2013-11-05 13:51:43 UTC | Fixed In Version | openssl-1.0.1e-16.el6 | openssl-1.0.1e-16.el6_5 |
| Tomas Mraz | 2013-11-06 16:25:45 UTC | Doc Text | Cause: The TLS client as implemented by OpenSSL in the RHEL-6.5 update advertised support for elliptic cryptography curves that were not really supported when it was connecting to a TLS server. Consequence: Server then could choose unsupported elliptic curve and client would not be able to communicate with the server over the TLS. Fix: OpenSSL TLS client now advertises only the curves that are supported by it. Result: TLS communication with server that uses also curves that are not supported by the RHEL OpenSSL TLS client can be established. |
|
| Jana Heves | 2013-11-07 16:01:55 UTC | CC | jsvarova | |
| Doc Text | Cause: The TLS client as implemented by OpenSSL in the RHEL-6.5 update advertised support for elliptic cryptography curves that were not really supported when it was connecting to a TLS server. Consequence: Server then could choose unsupported elliptic curve and client would not be able to communicate with the server over the TLS. Fix: OpenSSL TLS client now advertises only the curves that are supported by it. Result: TLS communication with server that uses also curves that are not supported by the RHEL OpenSSL TLS client can be established. | Prior to this update, the Transport Layer Security (TLS) client advertised support for some elliptic curves that are not supported by it. As a consequence, server could choose unsupported elliptic curve and client would not be able to communicate with the server over the TLS. With this update, OpenSSL TLS client advertises only the curves that are supported by it, and TLS communication with server (using also curves not supported by the Red Hat Enterprise Linux OpenSSL TLS client) can now be established. | ||
| Christian Horn | 2013-11-12 13:34:57 UTC | CC | chorn, ltroan | |
| errata-xmlrpc | 2013-11-12 15:24:09 UTC | Status | ON_QA | VERIFIED |
| errata-xmlrpc | 2013-11-21 00:05:24 UTC | Status | VERIFIED | RELEASE_PENDING |
| errata-xmlrpc | 2013-11-22 00:25:47 UTC | Status | RELEASE_PENDING | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2013-11-21 19:25:47 UTC | |||
| Christian Horn | 2013-12-26 11:56:15 UTC | Link ID | Red Hat Knowledge Base (Solution) 655233 | |
| Miloslav Trmač | 2018-12-04 12:36:46 UTC | CC | mitr |
Back to bug 1025598