Bug 1153723
Summary: | CVE-2014-3566 POODLE - Enable TLS for SSL Camel connections | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Milan Crha <mcrha> |
Component: | evolution-data-server | Assignee: | Matthew Barnes <mbarnes> |
Status: | CLOSED ERRATA | QA Contact: | Desktop QE <desktop-qa-list> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 7.1 | CC: | darodzyree, mcrha, t.h.amundsen, vbenes, williama_lovaton |
Target Milestone: | rc | Keywords: | EasyFix, Patch |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | evolution-data-server-3.8.5-32 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2015-03-05 13:33:52 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Milan Crha
2014-10-16 16:12:43 UTC
*** Bug 1159704 has been marked as a duplicate of this bug. *** I realized my patch in 3.8.5-30 has missing a very important chunk from the Fedora bug, which makes this non-working. The chunk is added since 3.8.5-32. (In reply to Milan Crha from comment #0) > Please note that evolution-data-server in RHEL6 is not affected by this. This is also not true, IMAP is fine, but POP3, SMTP and NNTP are affected (thanks to Tomas Bzatek, whom found it). I just configured my mail server to not accept SSLv3 and Evolution is sending mail without any problem: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits) Some other windows clients are using TLSv1.2 But when I disable SSLv3 in Dovecot I'm not able to download my emails through secure POP3: dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=10.11.43.3, lip=10.0.23.8, TLS handshaking: SSL_accept() failed: error:1408A10B:SSL routines:SSL3_GET_CLIENT_HELLO:wrong version number, session=<8DoxN7EHbAAKCysD> I hope the patch can be backported to Fedora 19 too. Thanks, William (In reply to William Lovaton from comment #5) > I just configured my mail server to not accept SSLv3 and Evolution is > sending mail without any problem: > ... > I hope the patch can be backported to Fedora 19 too. Hello, are you talking about RHEL7 (this bug is filled against RHEL7) or Fedora 19 (you found bug #1153052 as well)? Hello, you are right, I'm talking about Fedora 19, it's just that bug #1153052 was filed for Fedora 20 and I thought it wouldn't be backported to F19. But now that I see the same bug for RHEL 7 which have the same version of evolution I decided to share my findings here. Now I see in the other bug that an update for Fedora 19 have been released, thanks a lot for your help, that was quick. Greetings, we can we expect this issue resolved/update to be available on RHEL7? (In reply to Darod Zyree from comment #8) > Greetings, we can we expect this issue resolved/update to be available on > RHEL7? With the RHEL 7.1 release. Alternatively, as Fixed In field says, evolution-data-server-3.8.5-32. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-0561.html |