Bug 1410874
Summary: | malformed ALPN extension is rejected with incorrect alert messages | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Alicja Kario <hkario> | |
Component: | nss | Assignee: | nss-nspr-maint <nss-nspr-maint> | |
Status: | CLOSED WONTFIX | QA Contact: | BaseOS QE Security Team <qe-baseos-security> | |
Severity: | low | Docs Contact: | ||
Priority: | low | |||
Version: | 6.8 | CC: | kengert | |
Target Milestone: | pre-dev-freeze | |||
Target Release: | --- | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | If docs needed, set a value | ||
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1511460 (view as bug list) | Environment: | ||
Last Closed: | 2017-11-08 16:15:38 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1511460 |
Description
Alicja Kario
2017-01-06 16:33:53 UTC
If you find deficiencies in NSS that aren't specific to our packaging, please always report an upstream bug. EKR / Upstream has argued this isn't an issue with TLS 1.2, only with TLS 1.3 which we won't enable yet. the decode_error wording comes from RFC 5246, not from TLS1.3 draft... I understood his comment as "while in TLS1.2 we might have been able to weasel out, TLS 1.3 is too precise in that regard so it should be fixed everywhere" Upstream hasn't made progress in 7 months. It seems this is considered low priority. Unlikely to get fixed for 6.10 imprecise error message doesn't meet the criteria for priority items for 6.10, I'm marking it as wontfix, to indicate we won't track it for 6.10 it's good that you have reported this upstream, to get this fixed eventually. |