Bug 1153331

Summary: ECC supported curves list extension is missing in DTLS1 client hello
Product: Red Hat Enterprise Linux 7 Reporter: Karel Srot <ksrot>
Component: opensslAssignee: Tomas Mraz <tmraz>
Status: CLOSED DUPLICATE QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.0CC: hkario, tmraz
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1119800 Environment:
Last Closed: 2014-10-16 07:36:01 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Karel Srot 2014-10-15 19:17:02 UTC 
present on 7.0 too, openssl-1.0.1e-34.el7_0.6

+++ This bug was initially created as a clone of Bug #1119800 +++

ECC supported curves list extension is missing in DTLS1 client hello message. Because we do not support all of the ECC curves that are currently widely used this severally worsens the interoperability of DTLS1 protocol in our openssl package.

Upstream recently fixed this issue.
Comment 1 Tomas Mraz 2014-10-16 07:36:01 UTC 
This is already in the errata.

*** This bug has been marked as a duplicate of bug 1119803 ***