Bug 1025598 - Openssl advertises support for curves it doesn't actually support in Client Hello
Summary: Openssl advertises support for curves it doesn't actually support in Client H...
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: openssl
Version: 6.6
Hardware: All
OS: Linux
Target Milestone: rc
: ---
Assignee: Tomas Mraz
QA Contact: Hubert Kario
Depends On: 1022468
TreeView+ depends on / blocked
Reported: 2013-11-01 03:49 UTC by Jan Kurik
Modified: 2018-12-04 12:36 UTC (History)
10 users (show)

Fixed In Version: openssl-1.0.1e-16.el6_5
Doc Type: Bug Fix
Doc Text:
Prior to this update, the Transport Layer Security (TLS) client advertised support for some elliptic curves that are not supported by it. As a consequence, server could choose unsupported elliptic curve and client would not be able to communicate with the server over the TLS. With this update, OpenSSL TLS client advertises only the curves that are supported by it, and TLS communication with server (using also curves not supported by the Red Hat Enterprise Linux OpenSSL TLS client) can now be established.
Clone Of:
Last Closed: 2013-11-22 00:25:47 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 655233 0 None None None Never
Red Hat Product Errata RHBA-2013:1751 0 normal SHIPPED_LIVE openssl bug fix update 2013-11-21 09:13:17 UTC

Description Jan Kurik 2013-11-01 03:49:32 UTC
This bug has been copied from bug #1022468 and has been proposed
to be backported to 6.5 z-stream (EUS).

Comment 12 errata-xmlrpc 2013-11-22 00:25:47 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.