Back to bug 1402588
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Petr Pisar | 2016-12-08 07:45:19 UTC | Status | NEW | ASSIGNED |
| CC | ppisar | |||
| Petr Pisar | 2016-12-08 08:11:14 UTC | Keywords | FutureFeature | |
| Petr Pisar | 2016-12-08 15:29:53 UTC | Keywords | Patch | |
| David Steele | 2017-06-19 19:52:37 UTC | CC | david.steele | |
| Petr Pisar | 2017-07-07 06:38:18 UTC | Blocks | 1465904 | |
| Ondrej Vasik | 2017-07-14 13:31:34 UTC | Blocks | 1466370 | |
| Joe Orton | 2017-08-01 14:07:50 UTC | CC | jorton, vchoudha | |
| Flags | needinfo?(vchoudha) | |||
| Libor Miksik | 2017-08-29 14:34:45 UTC | CC | lmiksik | |
| Steve Almy | 2017-08-29 18:24:04 UTC | CC | salmy | |
| Brian Gollaher | 2017-08-29 20:22:11 UTC | CC | briang | |
| Petr Pisar | 2017-08-30 08:39:18 UTC | Assignee | perl-maint-list | ppisar |
| Petr Pisar | 2017-08-30 09:09:06 UTC | Status | ASSIGNED | MODIFIED |
| Fixed In Version | perl-IO-Socket-SSL-1.94-7.el7 | |||
| Doc Text | Feature: IO::Socket::SSL Perl module should default to system-wide certificate authority certificate store. Reason: If a TLS application based on IO::Socket::SSL Perl module does not provide an explicit path to a certificate authority certificate, no authority is known and the peer's identity cannot be verified. Defaulting to a system-wide store would make writing TLS application easier. Result: Using system-wide certificate authority certificate store by default was implemented. It's still possible to disable any certificate store by passing "undef" value to IO::Socket::SSL->new() constructor's SSL_ca_file option. | |||
| Doc Type | If docs needed, set a value | Release Note | ||
| errata-xmlrpc | 2017-08-30 09:11:13 UTC | Status | MODIFIED | ON_QA |
| Chris Williams | 2017-09-18 15:41:45 UTC | Blocks | 1420851 | |
| Lenka Špačková | 2017-11-13 13:35:50 UTC | Docs Contact | lkuprova | |
| Eva Mrakova | 2017-11-22 08:27:35 UTC | Status | ON_QA | VERIFIED |
| CC | emrakova | |||
| QA Contact | qe-baseos-security | emrakova | ||
| Lenka Špačková | 2017-12-20 14:58:21 UTC | Doc Text | Feature: IO::Socket::SSL Perl module should default to system-wide certificate authority certificate store. Reason: If a TLS application based on IO::Socket::SSL Perl module does not provide an explicit path to a certificate authority certificate, no authority is known and the peer's identity cannot be verified. Defaulting to a system-wide store would make writing TLS application easier. Result: Using system-wide certificate authority certificate store by default was implemented. It's still possible to disable any certificate store by passing "undef" value to IO::Socket::SSL->new() constructor's SSL_ca_file option. | The *IO::Socket::SSL* Perl module now uses the system-wide CA certificate store by default Previously, if a TLS application based on the *IO::Socket::SSL* Perl module did not provide an explicit path to a certificate authority (CA) certificate, no authority was known, and the peer's identity could not be verified. With this update, the module uses the system-wide CA certificate store by default. However, it is possible to disable any certificate store by passing the `undef` value to the `SSL_ca_file` option of the `IO::Socket::SSL->new()` constructor. |
| Flags | needinfo?(ppisar) | |||
| Petr Pisar | 2017-12-21 08:58:00 UTC | Flags | needinfo?(vchoudha) needinfo?(ppisar) | |
| errata-xmlrpc | 2018-04-10 00:25:24 UTC | Status | VERIFIED | RELEASE_PENDING |
| errata-xmlrpc | 2018-04-10 10:02:54 UTC | Status | RELEASE_PENDING | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2018-04-10 06:02:54 UTC | |||
| errata-xmlrpc | 2018-04-10 10:03:07 UTC | Link ID | Red Hat Product Errata RHEA-2018:0688 | |
| Martin Kyral | 2020-05-14 12:55:24 UTC | Blocks | 1835755 | |
| Petr Pisar | 2020-05-14 13:16:34 UTC | Blocks | 1835755 |
Back to bug 1402588