Bug 1269855 - Certificate verification fails with multiple https urls [el7/curl]
Certificate verification fails with multiple https urls [el7/curl]
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: curl (Show other bugs)
7.2
Unspecified Linux
high Severity high
: rc
: ---
Assigned To: Kamil Dudka
Stefan Dordevic
Lenka Spackova
: Patch
Depends On:
Blocks: 1313485 1269660 1289025 1295829
  Show dependency treegraph
 
Reported: 2015-10-08 07:10 EDT by Kamil Dudka
Modified: 2016-11-03 13:43 EDT (History)
6 users (show)

See Also:
Fixed In Version: curl-7.29.0-30.el7
Doc Type: Bug Fix
Doc Text:
*libcurl* successfully communicates with servers requiring HTTP host name to match the TLS session host name Previously, in some cases, Network Security Services (NSS) incorrectly reused a TLS session for a server with a different host name. Consequently, HTTPS servers could respond with an HTTP error 400 (Bad Request). An upstream patch has been applied on the source code of the *libcurl* library to prevent NSS from reusing a TLS session in case the HTTP host name does not match the TLS session host name. As a result, *libcurl* can now successfully communicate with servers that require HTTP host name to match the TLS session host name.
Story Points: ---
Clone Of: 1269660
Environment:
Last Closed: 2016-11-03 13:43:43 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Comment 6 Robert Scheck 2016-05-20 07:35:15 EDT
Added this RHBZ to case 01637758 on the Red Hat customer portal to get this
moved on, given it breaks our ownCloud setups.
Comment 8 errata-xmlrpc 2016-11-03 13:43:43 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2016-2575.html

Note You need to log in before you can comment on or make changes to this bug.