Bug 1548093
Summary: | smart_proxy_dynflow_core weak cipher | ||
---|---|---|---|
Product: | Red Hat Satellite | Reporter: | Mike McCune <mmccune> |
Component: | Remote Execution | Assignee: | satellite6-bugs <satellite6-bugs> |
Status: | CLOSED ERRATA | QA Contact: | Lukas Pramuk <lpramuk> |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | 6.2.14 | CC: | adprice, anazmy, aruzicka, bbuckingham, bkearney, dlobatog, ehelms, inecas, jcallaha, linux, lpramuk, mike.beachler, mirko.schmidt, mmccune, mmithaiw, nitthoma, oshtaier, phess, pmutha, sokeeffe, sraut, zhunting |
Target Milestone: | Unspecified | Keywords: | PrioBumpGSS, Triaged |
Target Release: | Unused | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | foreman-installer-1.11.0.19-1 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | 1388198 | Environment: | |
Last Closed: | 2018-05-21 20:16:44 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1388198 | ||
Bug Blocks: | 1545876 |
VERIFIED.
@satellite-6.2.15-1.0.el7sat.noarch
tfm-rubygem-smart_proxy_dynflow_core-0.1.3.2-1.el7sat.noarch
# nmap --script +ssl-enum-ciphers localhost -p 8008
...
PORT STATE SERVICE
8008/tcp open http
| ssl-enum-ciphers:
| TLSv1.1:
| ciphers:
| TLS_RSA_WITH_AES_128_CBC_SHA - strong
| TLS_RSA_WITH_AES_256_CBC_SHA - strong
| compressors:
| NULL
| TLSv1.2:
| ciphers:
| TLS_RSA_WITH_AES_128_CBC_SHA - strong
| TLS_RSA_WITH_AES_128_CBC_SHA256 - strong
| TLS_RSA_WITH_AES_128_GCM_SHA256 - strong
| TLS_RSA_WITH_AES_256_CBC_SHA - strong
| TLS_RSA_WITH_AES_256_CBC_SHA256 - strong
| TLS_RSA_WITH_AES_256_GCM_SHA384 - strong
| compressors:
| NULL
|_ least strength: strong
>>> least strength cipher is strong
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:1672 |
FailedQA. @satellite-6.2.15-1.0.el7sat.noarch tfm-rubygem-smart_proxy_dynflow_core-0.1.3.1-1.el7sat.noarch # nmap --script +ssl-enum-ciphers localhost -p 8008 | grep -e weak -e TLSv -e SSLv | TLSv1.1: | TLS_RSA_WITH_IDEA_CBC_SHA - weak | TLSv1.2: | TLS_RSA_WITH_IDEA_CBC_SHA - weak |_ least strength: weak >>> weak ciphers are still used