Bug 1025598 - Openssl advertises support for curves it doesn't actually support in Client Hello
Openssl advertises support for curves it doesn't actually support in Client H...
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: openssl (Show other bugs)
All Linux
high Severity urgent
: rc
: ---
Assigned To: Tomas Mraz
Hubert Kario
: ZStream
Depends On: 1022468
  Show dependency treegraph
Reported: 2013-10-31 23:49 EDT by Jan Kurik
Modified: 2013-12-26 06:56 EST (History)
11 users (show)

See Also:
Fixed In Version: openssl-1.0.1e-16.el6_5
Doc Type: Bug Fix
Doc Text:
Prior to this update, the Transport Layer Security (TLS) client advertised support for some elliptic curves that are not supported by it. As a consequence, server could choose unsupported elliptic curve and client would not be able to communicate with the server over the TLS. With this update, OpenSSL TLS client advertises only the curves that are supported by it, and TLS communication with server (using also curves not supported by the Red Hat Enterprise Linux OpenSSL TLS client) can now be established.
Story Points: ---
Clone Of:
Last Closed: 2013-11-21 19:25:47 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 655233 None None None Never

  None (edit)
Description Jan Kurik 2013-10-31 23:49:32 EDT
This bug has been copied from bug #1022468 and has been proposed
to be backported to 6.5 z-stream (EUS).
Comment 12 errata-xmlrpc 2013-11-21 19:25:47 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.