Bug 1166526 - disable SSL 3.0 from the DEFAULT level
Summary: disable SSL 3.0 from the DEFAULT level
Keywords:
Status: CLOSED DUPLICATE of bug 1220679
Alias: None
Product: Fedora
Classification: Fedora
Component: crypto-policies
Version: 21
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ---
Assignee: Nikos Mavrogiannopoulos
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
: 1153830 1165711 (view as bug list)
Depends On:
Blocks: 1166571
TreeView+ depends on / blocked
 
Reported: 2014-11-21 07:38 UTC by Nikos Mavrogiannopoulos
Modified: 2015-05-28 13:57 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2015-05-28 13:57:19 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Nikos Mavrogiannopoulos 2014-11-21 07:38:17 UTC 
The "DEFAULT" profile of crypto-policies includes SSL 3.0, and given the recent severity of the POODLE attack, it should be disabled by default. That is because software using the fallback dance is impossible to protect without disabling it.
Comment 1 Fedora Blocker Bugs Application 2014-11-21 07:42:18 UTC 
Proposed as a Freeze Exception for 21-final by Fedora user nmav using the blocker tracking app because:

 Given the severity of the poodle attack it is a good idea to update the default policies to remove SSL 3.0 support.
Comment 2 Nikos Mavrogiannopoulos 2014-11-21 10:29:50 UTC 
*** Bug 1165711 has been marked as a duplicate of this bug. ***
Comment 3 Nikos Mavrogiannopoulos 2014-11-21 10:33:47 UTC 
No longer a blocker for F21 as it has side-effects #1166571. Probably this change should be delayed for F22.
Comment 4 Nikos Mavrogiannopoulos 2014-11-25 12:14:27 UTC 
*** Bug 1153830 has been marked as a duplicate of this bug. ***
Comment 5 Nikos Mavrogiannopoulos 2015-05-28 13:57:19 UTC 

*** This bug has been marked as a duplicate of bug 1220679 ***
Note You need to log in before you can comment on or make changes to this bug.